Overview

overview

10

Static

static

10

e4ea888877...f6.exe

windows7-x64

10

e4ea888877...f6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e4ea88887753a936eaf3361dcc00380b88b0c210dcbde24f8f7ce27991856bf6

  • Size

    93KB

  • Sample

    230621-jpvdfagb48

  • MD5

    f05dbb721b31f12466b6114adc2fce39

  • SHA1

    ff7bb5b04b87c1e4b0f9eaf7988fd92d84e25c6b

  • SHA256

    e4ea88887753a936eaf3361dcc00380b88b0c210dcbde24f8f7ce27991856bf6

  • SHA512

    bd8669b5ad88a654a65db9579da4f2990d725261bee958ec0c7d6db3f112e170c50ea5541a81b5f1c3ff48419dfe50fc644d4da5b8d3b74983a8e16d8acb9553

  • SSDEEP

    1536:y6aJHA5jXjYE30YS9PGD1uPVEWlrYtI/8CnP0qYmGl6HCIGJgTnr4n:y6aJHAdp3rsPAuPZ3ECnPYmGlWVTnr4

Score
10/10
lobshotbackdoorpersistencespywarestealer

Malware Config

Targets

    • Target

      e4ea88887753a936eaf3361dcc00380b88b0c210dcbde24f8f7ce27991856bf6

    • Size

      93KB

    • MD5

      f05dbb721b31f12466b6114adc2fce39

    • SHA1

      ff7bb5b04b87c1e4b0f9eaf7988fd92d84e25c6b

    • SHA256

      e4ea88887753a936eaf3361dcc00380b88b0c210dcbde24f8f7ce27991856bf6

    • SHA512

      bd8669b5ad88a654a65db9579da4f2990d725261bee958ec0c7d6db3f112e170c50ea5541a81b5f1c3ff48419dfe50fc644d4da5b8d3b74983a8e16d8acb9553

    • SSDEEP

      1536:y6aJHA5jXjYE30YS9PGD1uPVEWlrYtI/8CnP0qYmGl6HCIGJgTnr4n:y6aJHAdp3rsPAuPZ3ECnPYmGlWVTnr4

    Score
    10/10
    lobshotbackdoorpersistencespywarestealer

    • Detects Lobshot family

    • Lobshot

      Lobshot is a backdoor module written in c++.

      backdoorlobshot

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.