Overview

overview

10

Static

static

3

6f1852441c8d7e_JC.exe

windows7-x64

10

6f1852441c8d7e_JC.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    6f1852441c8d7e_JC.exe

  • Size

    223KB

  • Sample

    230716-p1z1yseh72

  • MD5

    6f1852441c8d7eb675b5de99e0b09978

  • SHA1

    422a4a654504ee89fac9519943d30cfe874a6865

  • SHA256

    81ebb7c83b0cc0a077123002c820b16858057eb580ae6fea4377ae9853f52a2a

  • SHA512

    8b02bdd9b09aeef368610b0f5d89092f4c5d53ddcd6a528d0cfbf76e5459344b37635bcbbb5ced222166b862a1cd3d8ae3ce46dc5505562070b8aa483ade5702

  • SSDEEP

    6144:a59C/MBj/1at/zTcnWmByIQSFQ4GMOY7dut34KPmCmj6:G8/MBj/1at/zTtmBvpK3j

Score
10/10
evasionpersistencespywarestealertrojan

Malware Config

Targets

    • Target

      6f1852441c8d7e_JC.exe

    • Size

      223KB

    • MD5

      6f1852441c8d7eb675b5de99e0b09978

    • SHA1

      422a4a654504ee89fac9519943d30cfe874a6865

    • SHA256

      81ebb7c83b0cc0a077123002c820b16858057eb580ae6fea4377ae9853f52a2a

    • SHA512

      8b02bdd9b09aeef368610b0f5d89092f4c5d53ddcd6a528d0cfbf76e5459344b37635bcbbb5ced222166b862a1cd3d8ae3ce46dc5505562070b8aa483ade5702

    • SSDEEP

      6144:a59C/MBj/1at/zTcnWmByIQSFQ4GMOY7dut34KPmCmj6:G8/MBj/1at/zTtmBvpK3j

    Score
    10/10
    evasionpersistencetrojanspywarestealer

    • Modifies visibility of file extensions in Explorer

      evasion

    • UAC bypass

      evasiontrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks