General

  • Target

    0684a8e1ea5980161c499f1cdbbf7fb64ec32adcdf6009d15192c986e0e49600

  • Size

    285KB

  • Sample

    230508-3kmbtafa8y

  • MD5

    f44375e9145520b83056771dd1749e4c

  • SHA1

    0dfc36424e02a88ead8d1fadf631ba7a63b545b7

  • SHA256

    0684a8e1ea5980161c499f1cdbbf7fb64ec32adcdf6009d15192c986e0e49600

  • SHA512

    eb750f01b159789e54e42e6a91aaab6d62eb674a3aa87241523872231264c23717424417534e8b49b2837fe31871c9207dcd4298c61c3cfa36ccc90bcf960cc8

  • SSDEEP

    6144:vYa6cBOlE7jsnxtuyPa8FZ3+thp57s2q89OtlHaFibg+zM:vYaolUi7PTFV+tdsb89OtIOg7
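
Before trusting a copy of this sample pulled from a feed or a colleague's share, check that it hashes to the values above. The script below is an added example, not part of the report or of the sandbox's tooling; it embeds the report's MD5/SHA-1/SHA-256/SHA-512 values as the expected set and compares a local file against them (SSDEEP is omitted because it needs the third-party ssdeep library; the `verify_file` path argument is hypothetical).

```python
"""Verify a local copy of a sample against the hashes a sandbox report lists.

Added example, not part of the report. Only the four hashlib digests are
checked; the SSDEEP value would need the ssdeep library and is left out.
"""
import hashlib
import io
from typing import BinaryIO, Dict

ALGOS = ("md5", "sha1", "sha256", "sha512")

# Hashes exactly as listed in the report above for the 285KB sample.
REPORT_HASHES: Dict[str, str] = {
    "md5": "f44375e9145520b83056771dd1749e4c",
    "sha1": "0dfc36424e02a88ead8d1fadf631ba7a63b545b7",
    "sha256": "0684a8e1ea5980161c499f1cdbbf7fb64ec32adcdf6009d15192c986e0e49600",
    "sha512": (
        "eb750f01b159789e54e42e6a91aaab6d62eb674a3aa87241523872231264c237"
        "17424417534e8b49b2837fe31871c9207dcd4298c61c3cfa36ccc90bcf960cc8"
    ),
}


def digests_of_stream(fobj: BinaryIO) -> Dict[str, str]:
    """Hash a stream once, feeding every algorithm from the same 64 KiB chunks."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    for chunk in iter(lambda: fobj.read(1 << 16), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digests(data: bytes) -> Dict[str, str]:
    """Lowercase hex MD5/SHA-1/SHA-256/SHA-512 of an in-memory byte string."""
    return digests_of_stream(io.BytesIO(data))


def verify_sample(data: bytes, expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match flags; expected values may be any case or padded."""
    actual = digests(data)
    return {
        name: actual[name] == value.strip().lower()
        for name, value in expected.items()
        if name in actual
    }


def verify_file(path: str, expected: Dict[str, str] = REPORT_HASHES) -> bool:
    """True only if every listed digest of the file matches the report."""
    with open(path, "rb") as f:
        results = verify_sample(f.read(), expected)
    return bool(results) and all(results.values())


if __name__ == "__main__":
    import sys
    # Hypothetical usage: python verify_sample.py path/to/downloaded_sample.bin
    ok = verify_file(sys.argv[1])
    print("hashes match report" if ok else "MISMATCH: not the sample this report describes")
    sys.exit(0 if ok else 1)
```

A single mismatching algorithm is enough to reject the file: an SHA-256 match with an MD5 mismatch cannot happen for the same bytes and points at a copy-paste error in the expected values rather than at the file.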

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check so the payload only runs (or refuses to run) in certain countries.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.

    • Suspicious use of SetThreadContext
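
The five signatures above are behavioural: each is a pattern over the registry, file, process and API events the sandbox recorded. The code below is an added example of how such rules are expressed and matched; it is not the sandbox's own signature engine, and the trace, PIDs and paths are constructed to resemble this report's behaviour rather than taken from it. The registry key and browser-profile paths it looks for (`Control Panel\International\Geo\Nation`, Chrome `Login Data`, Firefox `logins.json`) are common locations for these checks and are assumptions about what the signatures key on, not something the report states.

```python
"""Match sandbox-style behavioural signatures over a constructed event trace.

Added example; not the sandbox's own rules. Every event below is synthetic.
"""
import re
from dataclasses import dataclass
from typing import Dict, List


@dataclass(frozen=True)
class Event:
    pid: int
    op: str      # RegQuery | FileWrite | FileRead | ProcessCreate | ImageLoad | ApiCall
    target: str  # registry value path, file path, image path or API name


# Constructed trace shaped like the behaviour reported above: a geofence
# lookup, a dropped stage that is executed and loads a dropped DLL, a read of
# Chrome's credential store, and a SetThreadContext call.
TRACE: List[Event] = [
    Event(1200, "RegQuery", r"HKCU\Control Panel\International\Geo\Nation"),
    Event(1200, "FileWrite", r"C:\Users\user\AppData\Local\Temp\stage2.exe"),
    Event(1200, "FileWrite", r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    Event(1200, "ProcessCreate", r"C:\Users\user\AppData\Local\Temp\stage2.exe"),
    Event(1344, "ImageLoad", r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    Event(1344, "FileRead", r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    Event(1344, "ApiCall", "SetThreadContext"),
]

# Assumed locations; the real signatures may use a broader or different set.
GEO_KEYS = re.compile(
    r"\\Control Panel\\International\\(Geo\\Nation|Locale|sCountry)$", re.I
)
BROWSER_DATA = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\.*"
    r"\\(Login Data|Cookies|Web Data)$"
    r"|\\Mozilla\\Firefox\\Profiles\\.*\\(logins\.json|cookies\.sqlite|key4\.db)$",
    re.I,
)


def match_signatures(trace: List[Event]) -> Dict[str, List[Event]]:
    """Return signature name -> triggering events, using the report's names."""
    hits: Dict[str, List[Event]] = {}
    # "Dropped" means written by a traced process earlier in the same run.
    dropped = {e.target.lower() for e in trace if e.op == "FileWrite"}

    def add(name: str, ev: Event) -> None:
        hits.setdefault(name, []).append(ev)

    for e in trace:
        if e.op == "RegQuery" and GEO_KEYS.search(e.target):
            add("Checks computer location settings", e)
        elif e.op == "ProcessCreate" and e.target.lower() in dropped:
            add("Executes dropped EXE", e)
        elif e.op == "ImageLoad" and e.target.lower() in dropped:
            add("Loads dropped DLL", e)
        elif e.op == "FileRead" and BROWSER_DATA.search(e.target):
            add("Reads user/profile data of web browsers", e)
        elif e.op == "ApiCall" and e.target == "SetThreadContext":
            add("Suspicious use of SetThreadContext", e)
    return hits


if __name__ == "__main__":
    for name, events in match_signatures(TRACE).items():
        print(f"{name}: pid(s) {sorted({e.pid for e in events})}")
```

The "dropped" rules depend on ordering within one run: an executable must be written before it is launched or loaded, so a process that runs a pre-existing binary from `%TEMP%` does not trigger them. The SetThreadContext rule is the weakest on its own, since debuggers and some legitimate runtimes call it too; it becomes meaningful alongside the dropped-file and browser-data hits, which is why the report scores the combination rather than any single signature.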

MITRE ATT&CK Enterprise v6

Tasks