12b62e1ef62b8b2c7be3b5e86192eabfcab0f36f84d2247738ee23b83fdb5638 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

GoogleMaps Route.exe

windows7-x64

7

GoogleMaps Route.exe

windows10-2004-x64

7

Resubmissions

31-03-2023 20:17

230331-y2qcksed9t 7

31-03-2023 20:06

230331-yvtfnaed4y 7

Sharing

General

Target

GoogleMaps Route.exe
Size

66.8MB
Sample

230331-yvtfnaed4y
MD5

29f8bea8a3a7e89101be0a1a1da0ba59
SHA1

7bf01c831d94f4e5c336a22389dab213631e2d9c
SHA256

12b62e1ef62b8b2c7be3b5e86192eabfcab0f36f84d2247738ee23b83fdb5638
SHA512

e29b1e6bec7122f5ef3dfcfa7a43461440c80eb375b025abf8e86cd5e22658e4f55ae18751120fdda52a593b7f4c5efb46f27bc6ea45368fba814871f579d9c0
SSDEEP

1572864:bwUxLVsBfK44PMdN1noTyxxvKqObr6b9/IeN5y49jOYSWrBT8pK:bwOVyi44g1cf6Z/Fw4JBBTN

Score

7^/10

spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

GoogleMaps Route.exe

Resource

win7-20230220-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

GoogleMaps Route.exe

Resource

win10v2004-20230221-en

spyware stealer

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  GoogleMaps Route.exe
- Size
  
  66.8MB
- MD5
  
  29f8bea8a3a7e89101be0a1a1da0ba59
- SHA1
  
  7bf01c831d94f4e5c336a22389dab213631e2d9c
- SHA256
  
  12b62e1ef62b8b2c7be3b5e86192eabfcab0f36f84d2247738ee23b83fdb5638
- SHA512
  
  e29b1e6bec7122f5ef3dfcfa7a43461440c80eb375b025abf8e86cd5e22658e4f55ae18751120fdda52a593b7f4c5efb46f27bc6ea45368fba814871f579d9c0
- SSDEEP
  
  1572864:bwUxLVsBfK44PMdN1noTyxxvKqObr6b9/IeN5y49jOYSWrBT8pK:bwOVyi44g1cf6Z/Fw4JBBTN
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy