Resubmissions

  • 31-03-2023 21:54    230331-1sfswsdg47    3

  • 31-03-2023 21:47    230331-1nnypsdg22    8

General

  • Target

    Screenshot 2023-03-29 1.26.11 PM.png

  • Size

    6KB

  • Sample

    230331-1nnypsdg22

  • MD5

    f0f567fafa68e254d1f6eae6ea04175d

  • SHA1

    6c31df8b59069a3726d0a700d6cead9dc216e9fe

  • SHA256

    caeb3c4ed13a317c18dcc4b6955d74b0c6984f7f1370f27d9f1bdd357922581c

  • SHA512

    bda2b6d85c6bba3a3485295ca7bfa1505c6eaa5c40eef601ecea6d4b98dafe28608f8da9332e1f712864f1f3e6ec5954ea760e644e8e6c36a001233cc61180be

  • SSDEEP

    192:sLWcsHW4wlVBrubeiFTgxEi9z9CAI0XMn6cNG5:ovlVBweYWT9z9C4ri2

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled
