General

  • Target

    f3197e998822bc45cb9f42c8b153c59573aad409da01ac139b7edd8877600511.zip

  • Size

    16.1MB

  • Sample

    230330-qte8msec8s

  • MD5

    929e6f2c8896059c72368915abcaefa2

  • SHA1

    7122f0b88607061806fd62282e8b175ae28b7e29

  • SHA256

    f3197e998822bc45cb9f42c8b153c59573aad409da01ac139b7edd8877600511

  • SHA512

    ba34b8e58286ed75fe42e43521d293d15378878d911ba543b75984ac2e81ab023e39ebe7bca87a09e12ed93ea4f0f79b642843e51589c92a44035aeede204162

  • SSDEEP

    393216:OxWPWIbRtvIIZoDvuu3wc8mxUwA35tUF1kvOaMAA5veTP8Jbo+p2qf8C3N:OMPWIbRdZYv7A8xUH/0g1OvidalfFN

Score
7/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks