General

  • Target

    SuperEnjoy.zip

  • Size

    742KB

  • Sample

    230521-q59avsad75

  • MD5

    b7a22ca59eb4988454728095f99199f9

  • SHA1

    9a0e5328a6117eb08d47754957d7065590c6e92e

  • SHA256

    a4d7eccd562e7dd81fea8d32bd468754337a1cb7407be0124774c4e5f813691e

  • SHA512

    7fc0c90d1793b8283c0e1c8012751a615d20aed396beda6ef241cf83696d809d588a5224d4d8ec00f394224c5720f91207357273910ef2849e953dfa899535e0

  • SSDEEP

    12288:rYLYmZe/owCYhKKXuFk2Ewjut6tqOg54NG5xwXZh01Hne2YniX4Eg0SQZKryML7Q:ULXZe/owmjugq2imXZahe2bX4tQAryg8

Malware Config

Targets

    • Target

      12db6f77d235f0af6461a490040f23e1dc902385de317cd19b5478df425f2ec0.exe

    • Size

      1.0MB

    • MD5

      b6ccb153be2baeb540e487cf5d52ee0b

    • SHA1

      609f491429520427dd4b8034ea0f313481e19b43

    • SHA256

      12db6f77d235f0af6461a490040f23e1dc902385de317cd19b5478df425f2ec0

    • SHA512

      d2fce8e5e0dc3bdb8efa4b46d8adb51701114da5eafdf9d34112af6fb3c6da6afaee30bcfd1408be48c322e744d8479f44297fdacb0f1b158bdfd6725c8e209f

    • SSDEEP

      24576:KTTsFdCYHmXIz2MYLjtAuiy6vNr7r688ZQ:cTuHPz2MYYyu1SQ

    • Sets file to hidden

      Sets the hidden file attribute so the file does not appear in Explorer or in a default directory listing.

    • Checks computer location settings

      Looks up the country code configured in the registry (Control Panel\International\Geo), most likely to geofence execution by victim locale.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill entries.

    • Legitimate hosting services abused for malware hosting/C2

    • AutoIT Executable

      AutoIt scripts compiled into PE executables; the compiled script is embedded in the binary and can usually be recovered with a decompiler.
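The hashes listed for the dropped executable and the AutoIT Executable signature are enough to verify a local copy of the file and to check for the compiled-script marker. The Python below is an added example, not part of the sandbox report and not code from the sample: it hashes a file in one pass, compares the digests with the report's values, and scans for the AU3!EA06 / AU3!EA05 marker that AutoIt3 places in front of the embedded script. The SAMPLE_BYTES blob is constructed for demonstration and is not the real executable; the file name in the usage note is an assumption.

```python
"""Added example (not part of the sandbox report): verify a local sample against the
report's hashes and check for the AutoIt compiled-script marker. SAMPLE_BYTES and any
file name used with triage() are assumptions for demonstration."""
import hashlib
from typing import Dict, Iterator, List

# Hashes of the dropped executable as listed in the report (Targets section).
REPORT_IOCS: Dict[str, str] = {
    "md5": "b6ccb153be2baeb540e487cf5d52ee0b",
    "sha1": "609f491429520427dd4b8034ea0f313481e19b43",
    "sha256": "12db6f77d235f0af6461a490040f23e1dc902385de317cd19b5478df425f2ec0",
}

# Marker that AutoIt3 places in front of the embedded, compiled script.
# "AU3!EA06" is the current AutoIt v3 format; "AU3!EA05" is the older one.
AUTOIT_MARKERS = (b"AU3!EA06", b"AU3!EA05")


def iter_chunks(data: bytes, size: int = 1 << 16) -> Iterator[bytes]:
    """Yield fixed-size chunks so large samples are hashed without extra copies."""
    for off in range(0, len(data), size):
        yield data[off:off + size]


def compute_hashes(data: bytes) -> Dict[str, str]:
    """Compute all digests the report lists in a single pass over the data."""
    hashers = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256", "sha512")}
    for chunk in iter_chunks(data):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_report_hashes(digests: Dict[str, str], report: Dict[str, str] = REPORT_IOCS) -> List[str]:
    """Return the names of the algorithms whose digest equals the report's value."""
    return sorted(name for name, value in report.items()
                  if digests.get(name, "").lower() == value)


def find_autoit_marker(data: bytes) -> int:
    """Offset of the first AutoIt marker in the file, or -1 if none is present.

    Compiled AutoIt scripts are appended to the interpreter stub, so the marker
    normally sits in the PE overlay after the last section; scanning the whole
    file keeps the check simple and tolerant of repacking.
    """
    hits = [pos for pos in (data.find(m) for m in AUTOIT_MARKERS) if pos != -1]
    return min(hits, default=-1)


def triage(data: bytes) -> Dict[str, object]:
    """Combine hash matching and the AutoIt check into one result record."""
    digests = compute_hashes(data)
    return {
        "digests": digests,
        "report_matches": match_report_hashes(digests),
        "autoit_marker_offset": find_autoit_marker(data),
        "is_pe": data[:2] == b"MZ",
    }


# Constructed stand-in for a sample: a fake PE header followed by an AutoIt marker.
# This is not the real dropped executable; it only exercises the checks above.
SAMPLE_BYTES = (b"MZ" + b"\x00" * 62 + b"PE\x00\x00" + b"\x90" * 256
                + b"AU3!EA06" + b"\x01\x02\x03")

if __name__ == "__main__":
    result = triage(SAMPLE_BYTES)
    print(f"PE header:               {result['is_pe']}")
    print(f"AutoIt marker at offset: {result['autoit_marker_offset']}")
    print(f"Report hash matches:     {result['report_matches'] or 'none'}")
    for name, value in result["digests"].items():
        print(f"{name:8}{value}")
```

To run it against a real file, replace SAMPLE_BYTES with the bytes read from the sample (for example open("12db6f77...exe", "rb").read(), name assumed); a non-empty report_matches list confirms the file is the one analysed here, and a marker offset other than -1 is the same heuristic the AutoIT Executable signature is based on.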

MITRE ATT&CK Enterprise v6

Tasks