49d03705739faacb94c8025aaa432597d309fe96026c97ea4f0412bbf09f7a2e | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Cyber Secu...rt.exe

windows10-2004-x64

7

Resubmissions

14-06-2023 15:31

230614-sye5jsah4z 7

13-06-2023 03:59

230613-ekd4fafb7x 7

09-06-2023 03:51

230609-eevh8sbf3z 10

09-06-2023 03:51

230609-eelw4abf3y 3

09-06-2023 03:33

230609-d4p5dabe9x 10

Sharing

General

Target

Cyber Security Support.exe
Size

22.0MB
Sample

230613-ekd4fafb7x
MD5

8452fe515826ab6f43eff16918a40e32
SHA1

64859677fd830793f787fa87c7b29f75883da5cd
SHA256

49d03705739faacb94c8025aaa432597d309fe96026c97ea4f0412bbf09f7a2e
SHA512

6429fa27c63290a777ab6836e7e97b552afdf396a505876fef068929af3da40be01eb505809e4e5bcbb8421ee401439e14a345854b6a17b8ffa8f43375728994
SSDEEP

393216:KOTMIRuiduUzRK3oMS6smRo6SxIM/L/JUH6eBkpH1ed/cViEZs1e4Vj5NnExjuwM:Fg1Oo4WsmRorIMbJUHmpVPiE29XnExjg

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Cyber Security Support.exe

Resource

win10v2004-20230221-en

spyware stealer

windows10-2004-x64

19 signatures

1200 seconds

Malware Config

Targets

- Target
  
  Cyber Security Support.exe
- Size
  
  22.0MB
- MD5
  
  8452fe515826ab6f43eff16918a40e32
- SHA1
  
  64859677fd830793f787fa87c7b29f75883da5cd
- SHA256
  
  49d03705739faacb94c8025aaa432597d309fe96026c97ea4f0412bbf09f7a2e
- SHA512
  
  6429fa27c63290a777ab6836e7e97b552afdf396a505876fef068929af3da40be01eb505809e4e5bcbb8421ee401439e14a345854b6a17b8ffa8f43375728994
- SSDEEP
  
  393216:KOTMIRuiduUzRK3oMS6smRo6SxIM/L/JUH6eBkpH1ed/cViEZs1e4Vj5NnExjuwM:Fg1Oo4WsmRorIMbJUHmpVPiE29XnExjg
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy