General

  • Target: ea36e1f335ddc3b518fb817b92b2f7e9.bin
  • Size: 274KB
  • Sample: 230327-csc51abc54
  • MD5: 2632314a596dd86fe182fee25dcc5840
  • SHA1: eafd4942ced346e74b2b4e7b100d0b06c340bf1c
  • SHA256: 696e95844a9769baa7881557abbdc47b44841478d8e24efd05bff804330d9070
  • SHA512: 4faed0245aa0bb386f49498518795460ba75c8ea5dc95d9877368357408414227f246d584d554ecd501d28c72eb4c3dec72227fa7d7d38e3621a462c46639a3f
  • SSDEEP: 6144:mkG/LuIDNftcNdho5mjr7vzWsHnbQJjzG66U7hu4yn7KIKN:mB/PN1cNdS50r7qIbAjuU84S7o

Score: 7/10

Malware Config

Targets

    • Target: 961fefeda3155a237a5cb947701f9b2baaab58b4ed675098c7809984950803c7.exe
    • Size: 288KB
    • MD5: ea36e1f335ddc3b518fb817b92b2f7e9
    • SHA1: 2a5572b661eab051d4fd9f99e14341351ce9028f
    • SHA256: 961fefeda3155a237a5cb947701f9b2baaab58b4ed675098c7809984950803c7
    • SHA512: 7b961d94c1e48def0fbab56a7483555fdac7f20c23985f955b8864a9ed98851767f419884321f451ea473b70d571b2c9163d305bdd4891c73b3468a2cd019e0f
    • SSDEEP: 6144:PYa6vM9nNG/+pJL0esyFnV2nnRh6/ORIURURBZ+aUjHOt+HN9YfeQjj2KQ:PYtMnNG/+XL8yxV2nRsWRIUdawRUeoQ

    Score: 7/10

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks