General

  • Target

    11.exe

  • Size

    1.3MB

  • Sample

    230607-zyandsfh89

  • MD5

    2c66dc153c947bdc4dda7118f60e4540

  • SHA1

    a6c6250a54c16cebdd8ded3a3b8f7bd6d7db0464

  • SHA256

    dd649575ad8c4888137f3325a6262d7634f97c07c9711fac49e2c73bd395202a

  • SHA512

    7b1f7a0f8cebb3a2a5f25755238457556e4a41b4ad0aa643284f8ff41b1ba6b1d22675edf980f1ba82da5a611b4d14a5c45e5f57584979f7ea1192153b545211

  • SSDEEP

    24576:ehloDX0XOf4lLZPs0AZCZWE7cRGo8sOgZQz00a3CI98Ye3BmQ/KV1PpAOvqADs6u:ehloJf6FFAZCZWE7cRGo8sOgZy00a3C3

Targets

    • Target

      11.exe

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • NirSoft WebBrowserPassView

      Password recovery tool for various web browsers

    • Nirsoft

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Accesses Microsoft Outlook accounts

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.
