General

  • Target: F155342F5BB62210CA274F42D22E4345FD8CA58A1C4C05D06E1FF86B8888A8CB.zip
  • Size: 6.3MB
  • Sample: 230731-z96j7scc8s
  • MD5: 41fdbd091acddd0daa6901d64f83ceaf
  • SHA1: 13d9a6ee561eca5d78e0178ead9a1c64037c84e1
  • SHA256: e634cefa6857c069fb182c712d5bf17e04bc055b3017f776ac8fce384bbcf08d
  • SHA512: c215911fdb1bcde17a660ad42c51cf1b5c6df59e9b89e8cd0c829a509bda379c19651fbaaac3697d46c41658aa74858afd1ffa89c91f539a3034792594877844
  • SSDEEP: 196608:EL4iubCvalsBqwYsTAmbWpL63GXVAC6sc/iAbgU:ErBowbx2L+gV/Rc/Fz

Targets

    • Target: File_patched.exe
    • Size: 6.7MB
    • MD5: a54eeb63869d360003d40df887365f00
    • SHA1: ea1d8624c635c610e0ab3e0ed75056759f01741d
    • SHA256: f155342f5bb62210ca274f42d22e4345fd8ca58a1c4c05d06e1ff86b8888a8cb
    • SHA512: 4a939496fecd027e1abb7ddfbe6f24564c6917a8aea6b11eaf1e8a794dfabe19e2ba00b3b19e406be7601ca1f86d6e6ff3f3e7faf2667e24fa5f1748177686ee
    • SSDEEP: 196608:ffeAKok6DF0u0FmDgeU8k6BME+3FXvk1:ne7J6DeDXeU9F

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar profile data.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory
