e98d8f56f528f7f03d65bcdd1736e950307452b5f336b5b0e8601d36b44a37f9 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

73da98ea6f...79.exe

windows7-x64

7

73da98ea6f...79.exe

windows10-2004-x64

7

Sharing

General

Target

quipexe.zip
Size

611KB
Sample

230403-xb2r9aac5s
MD5

c7a55affb261112f20343838f8333ded
SHA1

6078f845f7e0dd5543d66b825c563e7ef1bb9743
SHA256

e98d8f56f528f7f03d65bcdd1736e950307452b5f336b5b0e8601d36b44a37f9
SHA512

8518472f27023b83c4cc09031374098c1cc10052afb2a6078a0d6319a77762fc79df8147c59e157f1bc60350d5364b3a15ba8c999b6541e62fcb584205a5a456
SSDEEP

12288:uY9o3YNubF76/yZNYV4aR4Xgl5wqAcUllj0uUEIBrt77uIvltJN4ZjUe:uYa3YNUzZNYVN+cwl4uUEIv7aIvltJNi

Score

7^/10

bootkit persistence spyware stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

73da98ea6f303b14d150e647de7ff772daf720315498d1e1e7ef5b9195b6ea79.exe

Resource

win7-20230220-en

bootkit persistence spyware stealer upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

73da98ea6f303b14d150e647de7ff772daf720315498d1e1e7ef5b9195b6ea79.exe

Resource

win10v2004-20230220-en

bootkit persistence spyware stealer upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  73da98ea6f303b14d150e647de7ff772daf720315498d1e1e7ef5b9195b6ea79.bin
- Size
  
  639KB
- MD5
  
  5799a92f997c9b915e4982837e129895
- SHA1
  
  5cb67960e5446b6ca2f495d5ff7ca1cf39fc4775
- SHA256
  
  73da98ea6f303b14d150e647de7ff772daf720315498d1e1e7ef5b9195b6ea79
- SHA512
  
  6225a06f235eaa956e9759b819925953af5e372d7a06ab95e7016727ca04db60f5131d48c52d19583f077cbda8dd264e862f9f03ef4eefa3edcfd39c434c5885
- SSDEEP
  
  12288:M4vgb1vBDAwL1cpLCuP8PTw70JoJSdgTnDGOYylPRH+1BzDDz9xeZM11cedX:M4vMlBDpL1tziFSsFy1lDWZqldX
Score

7^/10

bootkit persistence spyware stealer upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Credentials in Files

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistencespywarestealerupx

behavioral2

bootkitpersistencespywarestealerupx

© 2018-2024

Terms | Privacy