General

  • Target: GMScraper Setup.exe
  • Size: 6.3MB
  • Sample: 230328-g6az1shd28
  • MD5: 35e2983ce8875de8150a7b5f3c1e66cb
  • SHA1: 4e73eee236402f1f71275b0a3174e1f76fa6a04e
  • SHA256: f203502e2184b760cf630337cd2406ca90d08b091d12289174d2f9b2a7825b1b
  • SHA512: b757727c53683ae2a855931bc05060041f493f4b70bf54610cd1f4af9fc3aacdccc336bd962f9d51033a1c93091d8188eabd6dfb6debd800bfe4097d61ed5de8
  • SSDEEP: 98304:7kL1rioQlVhO0t96QkUT3mhtS62JiQQFQDuaOSdzywVCvZB7MPO+3TMB17:w1uoQlG0tPiRi7QFLzSdxVQZWB4n7

Score: 10/10

Malware Config

Targets

    • GMScraper Setup.exe (6.3MB, score 10/10; hashes as listed under General above)

    • Detected phishing page

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion
      • Modify Registry (T1112): 2
      • Install Root Certificate (T1130): 1

  • Discovery
      • Query Registry (T1012): 5
      • System Information Discovery (T1082): 4
      • Peripheral Device Discovery (T1120): 1

Tasks