General

  • Target

    831eeaf992fbda2ef6e0c86d0bad069d0201d9438432193667896829062f9d4f

  • Size

    2.1MB

  • Sample

    230112-frf22sba8v

  • MD5

    204b2f09999e5e6239c5c09dd3964bce

  • SHA1

    c003ce2c8fb08f18e455f707a2e2c6b3b5d23116

  • SHA256

    831eeaf992fbda2ef6e0c86d0bad069d0201d9438432193667896829062f9d4f

  • SHA512

    64921baaf7b76abc0080fc1c3f1f6f467bea050a4165d0b54eecc1c87f4eb3df7a85bacf36bfe0583f5fdf60114cbb32f6ad5928aa59ab23023aa3ae7d3c68d1

  • SSDEEP

    49152:dCkqZkmRXxGgYr4WHDkhBfvL4MoUePZn/I5tl89oxY26FkRMWf8c:PqZtRhfYr4mY0MoPBn/iSou7kRff8c

Score
8/10

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile contents.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks