General

  • Target

    10533921670.zip

  • Size

    12.0MB

  • Sample

    230524-1tnvwsfa73

  • MD5

    ff2f58884c3462f16a4197475d6426ac

  • SHA1

    303b5632e572391fad6efcd3c4ed93a54b13cc0d

  • SHA256

    e4462652fccb68f1880457071ba25b85a8fc0e21eee4c6756f93767d356a677f

  • SHA512

    17aafa4a10398faaa94d26023529e7a6e502ea42b1e9a68613cc497799671f5f9b01e1a8cb10ef04537bfe71b816ef6e02c679c7db6eefc74c7b91994709d065

  • SSDEEP

    196608:hdS1FZZgary6oEmxmXR07wYror967dQVCVFyB7pE10rHWnNXCcK28RX:hdSPZZXry6oEvh08YrRdwQFyBcAHYNY/

Malware Config

Targets

    • Target

      2b5d5f5f126df5d0a7af4ebb8b6d34eb4934fa0fae602515b0ada48b376bdb10

    • Size

      12.0MB

    • MD5

      535dc7924ccfefce59c70ff8b5a4c961

    • SHA1

      89bd012794ab7d434b5a040f21cbea1e3f291a2d

    • SHA256

      2b5d5f5f126df5d0a7af4ebb8b6d34eb4934fa0fae602515b0ada48b376bdb10

    • SHA512

      19be2c6a5ca8c00cfbdaba0e6b138fa2a4e179298ecc50693b4ecac9db355116e2de8722e4a8de1c09a2f49ab5d4aaab29a85e213a054aab2a73a404ee462a94

    • SSDEEP

      196608:eSajD+DBORFDlUlRoQe/GloOYiOHuG6Ipdcy3ZxAwAUj/wtC6YU+cOrFB10TzlX9:eSau0hivoQe/GlxYzOG7VZHyXYyOBr0X

    • Downloads MZ/PE file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v6

Tasks