General

  • Target

    Blender3D.exe

  • Size

    342.5MB

  • Sample

    221230-t74d6sga34

  • MD5

    b567aeed76660deee97e821ae90af04e

  • SHA1

    da5f40e43c9d9b12e7ada8e0ca9d502cda2dde46

  • SHA256

    83edf33d8ccf777877172facca78324edb98ef84cd276406975cf9f1b796793b

  • SHA512

    fc1f8bbc45e901911e7e1cc384cad15ba5085831f0dcf9e49ba7df265eab1fd7ef59fee7e1a6082d3476acc0e62cc2685ef73d39925d95085080bfa16ca1d8b6

  • SSDEEP

    12288:KIN5k4cp98rjy0m6EWpMiaLubN2eb+QU:HN5+ormoMjm

Malware Config

Targets

    • Target

      Blender3D.exe

    • Size

      342.5MB

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence check.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses 2FA software files, possible credential harvesting

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks