General

  • Target

    tmp

  • Size

    32KB

  • Sample

    230320-3bn42sfg62

  • MD5

    495ce8bc963f4b0d156e4b7e5ed97ed4

  • SHA1

    2a2f72bbb5f111e0c8dd9038ea213dca3783e266

  • SHA256

    66e254d86a825aaba511f1d0b75ceb4520fa38d518b305a770a03fdb17dc1243

  • SHA512

    5ad2ea5696ffecf3318c5c2233da79fc0b849ac92a1550adda04f915196f831292f39058f38fd636b5615d93bbe6eedb489b0ef96bd7199c8a6ab1605e13e244

  • SSDEEP

    768:1wio7l3GxAKqRkSmKXblqxxf/7Gs+o7X:1wio3GxAKqRkSHblQxfTj+i

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
