Overview

overview

7

Static

static

PO_2300000...df.exe

windows10-1703-x64

7

PO_2300000...df.exe

windows7-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    7a8df2f61615c0a14fa3842848c04820.zip

  • Size

    702KB

  • Sample

    230202-r9dv7ahb94

  • MD5

    026dabf693ca494fa82ec638d919d20a

  • SHA1

    afc4552e8fd4c0a8ce3ddfce366068417f6206bb

  • SHA256

    877cb4363f98fa01fde325c33cd8e242146420d14aed652eb72098920702f836

  • SHA512

    b8402e1eb58aa671d9b110c9376b5f863a68e5515fac4fbae7de9b65e8849b48004eb1b9bbb4858544a1cd494829dae77ea814090761650759148706a9a3f4a5

  • SSDEEP

    12288:PuohOs+WCFgJQ3tVgXyqEdqLaMt3q6pN5fn9az8OWDBun3V21X4vc1YzgTfrmMjI:WoUv5qyiaMt6aFqWtuFpk153+

Score
7/10
collectionspywarestealer

Malware Config

Targets

    • Target

      PO_2300000000010134016_IDD230004898876-pdf.com

    • Size

      881KB

    • MD5

      7a8df2f61615c0a14fa3842848c04820

    • SHA1

      da996fe6c0ce68a0cc1d21d78ec8dac9f97a4943

    • SHA256

      37af7cb28ef75ede6027bc599b6a7c6f30e94dc478e8f04a8f876b6a3e03a179

    • SHA512

      4a1d330fc9c8760b53a2b998e8d56de5d5ed60497e753f202888a6970b3db3b28c152ec910c22b42efb5945c4c4fc5ee1e932c2ff73cc7d0191ffab6922dd082

    • SSDEEP

      24576:Vz35DEN5QUaibqWdIPuebU2xZ1jK0QJN6F0xMpqG4yPao:bS5QUBqMwRQiWiq

    Score
    7/10
    collectionspywarestealer

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spywarestealer

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks