General

  • Target

    f_006a4b.zip

  • Size

    690KB

  • Sample

    230131-kq45pshd71

  • MD5

    4247b298c9ea646dda995afd9f777f10

  • SHA1

    4d28012fbeb62079c847a8015a738f99e4836575

  • SHA256

    eddd3d96c3edaef4b7b961bcc59036c877b8d20ec723d1df9dd205d849803e30

  • SHA512

    8fcd09b04c928f33bacafdec29b31e8ac20603370b3b17c6685e281a044fc9d65f958198fb9b3d4058aa975cb49218f1a083fb8807260afe65bf955e92e45eab

  • SSDEEP

    12288:zPCtoxQF6gsQlVS9ZUQYqc9lqC/wX2ePLd+ufbsfU+2qdPoP1y:uyQU3QUqwXceJ8Pody

Malware Config

Targets

    • Target

      f_006a4b

    • Size

      1.3MB

    • MD5

      5cb079f8ec885592c5538dbe0362d593

    • SHA1

      a5702ea5dfd73c619ad2625e645b93e0a39b1451

    • SHA256

      532a7d66259842f4a710ea7bc6dc48547de371bb69fc842f53934876e787efb8

    • SHA512

      8787a51f3e7eacfd5f507abdfacd58aef34a704d01f84c05ec8074cb77318d3b14223ff2ca3da399633ef82d3529266bcf3bb174bf746450697117915641fb90

    • SSDEEP

      24576:Ch6SVFzDl6eZmL4v9IoYOlrQ14T1+G05hKwzlXX8l8whkwBY2/+WLHkOU:q6UXtvDz85hK8XM8rcY/OU

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser profile data, which can include saved credentials and other sensitive material.

    • Checks installed software on the system

      Enumerates subkeys of the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) to discover which software is installed. On its own this is also normal behaviour for installers and Programs and Features, so it is weak evidence unless it occurs together with other signatures.
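A small triage helper for the artefacts and behaviours listed above. It is an added example, not code from the report or from the sandbox: it matches a file's digests against the SHA-256 IOCs of the archive and the dropped payload, and runs the two behavioural signatures (Uninstall-key enumeration, browser credential-store reads) over a constructed process-activity log in an assumed `pid,process,operation,path` format. The PIDs, process names, profile directory and registry subkey names in the log are made up for the example.

```python
"""Triage helpers for the sandbox report above: hash IOC matching and a
behaviour check over process-activity logs.  Added example, not part of the
report or of the sandbox's own tooling."""
import hashlib
import re

# SHA-256 IOCs copied from the report: the archive and the payload inside it.
IOC_SHA256 = {
    "eddd3d96c3edaef4b7b961bcc59036c877b8d20ec723d1df9dd205d849803e30": "f_006a4b.zip",
    "532a7d66259842f4a710ea7bc6dc48547de371bb69fc842f53934876e787efb8": "f_006a4b",
}


def hashes_of(data: bytes) -> dict:
    """Return the same four digests the report lists, keyed by algorithm name."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def ioc_match(data: bytes):
    """Name of the report artefact whose SHA-256 matches `data`, else None."""
    return IOC_SHA256.get(hashes_of(data)["sha256"])


# The two behaviour signatures from the report, expressed as path patterns.
# Uninstall key: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
# (also under WOW6432Node and HKCU); each subkey describes one product.
UNINSTALL_KEY_RE = re.compile(r"\\CurrentVersion\\Uninstall(\\|$)", re.I)
# Credential and cookie stores of Chromium- and Firefox-based browsers.
BROWSER_DATA_RE = re.compile(
    r"\\(Login Data|Web Data|Cookies|logins\.json|key4\.db|cookies\.sqlite)$", re.I)

# Constructed process-activity log (pid,process,operation,path); assumed
# format, not sandbox output.  PID 4212 mimics the report's payload.
SAMPLE_EVENTS = r"""
4212,f_006a4b.exe,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
4212,f_006a4b.exe,RegEnumKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SomeProduct
4212,f_006a4b.exe,ReadFile,C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
4212,f_006a4b.exe,ReadFile,C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\x1y2z3.default\logins.json
1180,explorer.exe,RegQueryValue,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyApp\DisplayName
880,svchost.exe,ReadFile,C:\Windows\System32\config\SOFTWARE
"""


def triage(lines):
    """Group events by PID and score each process against the two signatures."""
    procs = {}
    for line in lines:
        line = line.strip()
        if not line:
            continue
        pid, proc, _op, path = line.split(",", 3)
        entry = procs.setdefault(pid, {"process": proc, "hits": set()})
        if UNINSTALL_KEY_RE.search(path):
            entry["hits"].add("checks_installed_software")
        if BROWSER_DATA_RE.search(path):
            entry["hits"].add("reads_browser_data")
    for entry in procs.values():
        hits = entry["hits"]
        # A lone Uninstall-key read is normal (Programs and Features does it);
        # touching browser credential stores is not, and both together is the
        # profile this report describes.
        if hits >= {"reads_browser_data", "checks_installed_software"}:
            entry["verdict"] = "infostealer-like"
        elif "reads_browser_data" in hits:
            entry["verdict"] = "suspicious"
        else:
            entry["verdict"] = "benign"
    return procs


if __name__ == "__main__":
    for pid, entry in triage(SAMPLE_EVENTS.splitlines()).items():
        print(pid, entry["process"], entry["verdict"], sorted(entry["hits"]))
```

Run against a real capture, the only change needed is feeding `triage()` lines in the same four-column shape; `ioc_match()` takes file bytes, so `ioc_match(open(p, "rb").read())` checks a suspect file against the report's hashes.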

MITRE ATT&CK Enterprise v6

Tasks