f0c3c67d1099fb21019694585646996f465eae28006dc248c0adfeac1e8fe189 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

24a4039692...2c.exe

windows7-x64

8

24a4039692...2c.exe

windows10-2004-x64

8

Sharing

General

Target

24a4039692a2d0baa28bf7ee0456f82c.bin
Size

1.0MB
Sample

230610-bh1ymsdh46
MD5

24a4039692a2d0baa28bf7ee0456f82c
SHA1

8b43fc96bc9bf12ab8fcf4cac1e7c1f20be4a6f2
SHA256

f0c3c67d1099fb21019694585646996f465eae28006dc248c0adfeac1e8fe189
SHA512

bb8a89aaac6cebaf5a2a9bde42436794eb6bc912da7d9007c73c1783c917ff0b37c217e0d2c66b4043f923c4e10b21a4c39abbe495d45faab5990c058778a023
SSDEEP

24576:WBpJi6LbUjebhV8kk/DWgHX5BD6PhyONxWqnCsEyA:S7vYiP6S0D6PhywxbXEl

Score

8^/10

persistence spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

24a4039692a2d0baa28bf7ee0456f82c.exe

Resource

win7-20230220-en

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

24a4039692a2d0baa28bf7ee0456f82c.exe

Resource

win10v2004-20230220-en

persistence spyware stealer

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  24a4039692a2d0baa28bf7ee0456f82c.bin
- Size
  
  1.0MB
- MD5
  
  24a4039692a2d0baa28bf7ee0456f82c
- SHA1
  
  8b43fc96bc9bf12ab8fcf4cac1e7c1f20be4a6f2
- SHA256
  
  f0c3c67d1099fb21019694585646996f465eae28006dc248c0adfeac1e8fe189
- SHA512
  
  bb8a89aaac6cebaf5a2a9bde42436794eb6bc912da7d9007c73c1783c917ff0b37c217e0d2c66b4043f923c4e10b21a4c39abbe495d45faab5990c058778a023
- SSDEEP
  
  24576:WBpJi6LbUjebhV8kk/DWgHX5BD6PhyONxWqnCsEyA:S7vYiP6S0D6PhywxbXEl
Score

8^/10

persistence spyware stealer
- Downloads MZ/PE file
- Sets file execution options in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Registers COM server for autorun
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

persistencespywarestealer

© 2018-2024

Terms | Privacy