General

  • Target

    e893cb5944cb149f77ea53900bae972bd6c9e531

  • Size

    304KB

  • Sample

    230201-qcz7gsdf49

  • MD5

    6b8c9f1aa06f8587edd290f3d0188359

  • SHA1

    e893cb5944cb149f77ea53900bae972bd6c9e531

  • SHA256

    91f7c342ce163fe12c018a5068f921b5b78574cf05927bb85876be8484a2c237

  • SHA512

    9c170eeee18c0f41564a77056ec0cb31a87f684fec0b329e0a5586e55df0e29de2167020039689edb5009c1de62461aa49a3d067953e84e744b00e286568d641

  • SSDEEP

    6144:/Ya6MvLBCyy7CpvnutlJJ0UoBeZJtKXWM/UYzBA21:/YyzBby7kvG9cexWWM/USf

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses Microsoft Outlook profiles

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks