Overview

overview

8

Static

static

setup-istr...ow.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    setup-istripper_gJLdbJygt4qhRLOkeLfeEow.exe

  • Size

    60.0MB

  • Sample

    230103-3chnnadc38

  • MD5

    375175390fdbad35be67f4d1280d354d

  • SHA1

    75f3a776a43aa32be704f2fa8128beba34a0b0fd

  • SHA256

    0c4ba07d364270a181264f0dffb38ca21c5acf0d295b6ef70ec759ba20d7bcfd

  • SHA512

    84ad7ffea6bb87580055b7eb717fef3dc11e435d704a875a49ee150a132d03be951a1eb1e764158039a528e198ef62eda9fe62dfbd6d109b48b308e9c6f2d593

  • SSDEEP

    1572864:9ryZAULSMb6IZ0p8zhSArVPP4S/lxJUXvd80PFb:9r8N8vAreoUXV8mJ

Score
8/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      setup-istripper_gJLdbJygt4qhRLOkeLfeEow.exe

    • Size

      60.0MB

    • MD5

      375175390fdbad35be67f4d1280d354d

    • SHA1

      75f3a776a43aa32be704f2fa8128beba34a0b0fd

    • SHA256

      0c4ba07d364270a181264f0dffb38ca21c5acf0d295b6ef70ec759ba20d7bcfd

    • SHA512

      84ad7ffea6bb87580055b7eb717fef3dc11e435d704a875a49ee150a132d03be951a1eb1e764158039a528e198ef62eda9fe62dfbd6d109b48b308e9c6f2d593

    • SSDEEP

      1572864:9ryZAULSMb6IZ0p8zhSArVPP4S/lxJUXvd80PFb:9r8N8vAreoUXV8mJ

    Score
    8/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks