General

  • Target: Installer.exe

  • Size: 65.6MB

  • Sample: 230107-lfyqlsgf31

  • MD5: 2c432415492e162a419b461885159397

  • SHA1: 7d88c602c0233d6b9d455683b57f75425aa71758

  • SHA256: 4b38d38c7cdee82d3c66e40d328c1fe5a5c718e968d7fd9b9bbacb286e723c2c

  • SHA512: 1a57cf335eed54d34c6f0767302c8a7661d676c4f1d625b1262d8967c355337e76ef5f0910490c7426d0692d3394bab6caafdefdd40a646ee27cf10802d44de6

  • SSDEEP: 1572864:hYMIbVMRgwutwY9PLdzggf+Zque505I/4MrBmuNYCRhrcFxpjv2:hTIKSwSwoMcF0uTrBjNY04D2

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to determine the infected system's external IP address.
