Overview

overview

7

Static

static

1

conti/locker.exe

windows7-x64

7

conti/locker.exe

windows10-2004-x64

7

Resubmissions

11-03-2023 15:20

230311-sqvv2abh7w 7

11-03-2023 13:56

230311-q8tpksbf8y 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Desktop.zip

  • Size

    441KB

  • Sample

    230311-sqvv2abh7w

  • MD5

    9939ec0b4762cb5f5aef3116ec62763d

  • SHA1

    b6571f2c205412d9c7b2cf0a5aabda448844b634

  • SHA256

    45438e0d6a47a90beea24d4bb1d0a4387032a12a9b7d64b2e08986cbfb264406

  • SHA512

    d3a1314e0f44de3f20aae125851173e36a704daf0fcf14327b1c9341059311c3174e5aad274f5cbad08e8b71bbdaa93f590f2480f5c3ec6b7d0fe2c546125a6f

  • SSDEEP

    12288:FCK5maH/V4sBXIxzv1C0sSihBVW6CDg1K1on61UDhG:T7C5S072BlCk14on61kG

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      conti/locker.exe

    • Size

      1.4MB

    • MD5

      f9f2b0dca4ff4365b98599afb5c1e14e

    • SHA1

      9cac04b31f29b81c89cfd840e160a1185768c699

    • SHA256

      2b19e130390bf1a65c40a909a3dc5ce2af96d921d2bb4949724be9085e0abbe7

    • SHA512

      52d586efaeea2e3350e08ce53b3b8fef63c4cd22eab757aa7d42a6534011d505ad14c39b59d70f45a17ed0035bc234fd0dffef209739a81cae8841b214d1308a

    • SSDEEP

      12288:GZH7AAO2VRbDEsLC3L79iiauuxJ8QahIha4B7ByfdoiUriupSezaVm:GZH7Hc3L7yJGhIha4B1yfui8b2m

    Score
    7/10
    persistencespywarestealer

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks