General

  • Target

    Price Inquiry-DSD project DC202308.img

  • Size

    1.2MB

  • Sample

    230801-q3bltahc2z

  • MD5

    07bb0798a4eb7c4234fda404acd6a268

  • SHA1

    0258f7efac1bb50c35f082d7c3fc02cb016408dc

  • SHA256

    f82732d7e81506792114109d367700b6f01d65692e7eb78245da3156207bd41c

  • SHA512

    cfe12b2551a0375c129817621f149776ed978df5a9ae5deb9a64a82e9b544071f6d2e5887b1f381020b40b20ee1461b06f7744f1560169779489809e9a993972

  • SSDEEP

    12288:oj2iN8JJGoyacL5VKEqzaF7oUJi4OR+q3yJmarXtxg8GOOIg:oj1uJMo6KELFU2i4ORA/97GOW

Score
7/10

Malware Config

Targets

    • Target

      PRICE_IN.EXE

    • Size

      628KB

    • MD5

      f9802775070b5ccd79f6fde71e8e9c87

    • SHA1

      f84d241302f809d355aff1f2a27c199f5db4854c

    • SHA256

      1aa319975a9d1142cd5737d4b41d1004223881bf4e3485770a75be645e54934e

    • SHA512

      52636782b93920455955a528aa97b4521c0cfbf86dc17d3f6c8162b234429b1d4ad042e38ba75297606e45831f6379512715a861826bc6d5734b313f42e0a879

    • SSDEEP

      12288:ej2iN8JJGoyacL5VKEqzaF7oUJi4OR+q3yJmarXtxg8GOOIg:ej1uJMo6KELFU2i4ORA/97GOW

    Score
    7/10

    • Reads data files stored by FTP clients

      Tries to open configuration files of FTP clients such as FileZilla, which keeps saved server credentials on disk (sitemanager.xml and recentservers.xml under the user's AppData\Roaming\FileZilla folder).

    • Reads user/profile data of local email clients

      Email clients store profile data and account settings on disk, where infostealers commonly harvest them.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved logins, cookies and autofill entries.

    • Suspicious use of SetThreadContext

      SetThreadContext redirects the execution of a thread. Calling it on a thread in another process, typically a child the caller created suspended, is a hallmark of process hollowing and similar injection techniques.
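The four behavioural signatures above are the kind a sandbox derives from an API trace. The following is an added example, not code from the report or from the sandbox, that replays a constructed trace in a simplified (pid, api, args) shape and reproduces each signature; the path patterns, API names and event layout are assumptions for illustration, and the sample trace is made up rather than taken from the analysed sample.

```python
"""Replay a constructed API trace and flag the behaviours the report lists.

Added triage helper, not part of the sandbox report. Event shape, API names
and path patterns are assumptions; the trace below is constructed sample
data, not events recorded from PRICE_IN.EXE.
"""
import re

# Lower-cased path fragments that back each "Reads ..." signature.
# Well-known storage locations; illustrative, not exhaustive.
SIGNATURES = {
    "Reads data files stored by FTP clients": [
        r"\\filezilla\\(sitemanager|recentservers)\.xml$",
        r"\\winscp\.ini$",
    ],
    "Reads user/profile data of local email clients": [
        r"\\thunderbird\\profiles\.ini$",
        r"\\thunderbird\\profiles\\.*\\(logins\.json|key4\.db)$",
        r"\\microsoft\\outlook\\.*\.pst$",
    ],
    "Reads user/profile data of web browsers": [
        r"\\google\\chrome\\user data\\.*\\(login data|cookies|web data)$",
        r"\\mozilla\\firefox\\profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite)$",
    ],
}

FILE_OPEN_APIS = {"NtCreateFile", "NtOpenFile", "CreateFileW", "CreateFileA"}

# Constructed sample trace: (pid, api, args). Built to exercise every signature
# plus one benign SetThreadContext call on the caller's own process.
SAMPLE_TRACE = [
    (1234, "NtCreateFile", {"path": r"C:\Users\u\AppData\Roaming\FileZilla\sitemanager.xml"}),
    (1234, "NtCreateFile", {"path": r"C:\Users\u\AppData\Roaming\Thunderbird\profiles.ini"}),
    (1234, "NtCreateFile", {"path": r"C:\Users\u\AppData\Local\Google\Chrome\User Data\Default\Login Data"}),
    (1234, "NtCreateFile", {"path": r"C:\Windows\System32\kernel32.dll"}),
    (1234, "CreateProcessW", {"image": r"C:\Windows\System32\svchost.exe",
                              "flags": "CREATE_SUSPENDED", "child_pid": 5678}),
    (1234, "NtUnmapViewOfSection", {"target_pid": 5678}),
    (1234, "WriteProcessMemory", {"target_pid": 5678}),
    (1234, "SetThreadContext", {"target_pid": 5678}),
    (1234, "ResumeThread", {"target_pid": 5678}),
    (9999, "SetThreadContext", {"target_pid": 9999}),  # own process: not flagged
]


def match_file_signatures(trace):
    """Return {signature name: [paths opened]} for file opens hitting a pattern."""
    hits = {}
    for _pid, api, args in trace:
        if api not in FILE_OPEN_APIS:
            continue
        path = args.get("path", "")
        for name, patterns in SIGNATURES.items():
            if any(re.search(p, path.lower()) for p in patterns):
                hits.setdefault(name, []).append(path)
    return hits


def match_set_thread_context(trace):
    """Flag SetThreadContext aimed at a child the same caller created suspended.

    That sequence (create suspended -> write memory -> set context -> resume)
    is the process-hollowing pattern; a process touching its own threads is
    left alone to keep the rule from firing on debuggers and runtimes.
    """
    suspended_children = {}  # child pid -> creator pid
    hits = []
    for pid, api, args in trace:
        if api == "CreateProcessW" and "CREATE_SUSPENDED" in args.get("flags", ""):
            suspended_children[args["child_pid"]] = pid
        elif api == "SetThreadContext":
            target = args.get("target_pid")
            if target != pid and suspended_children.get(target) == pid:
                hits.append(f"pid {pid} set thread context in suspended child {target}")
    return hits


def triage(trace):
    """Combine both matchers into one {signature: evidence} report."""
    report = match_file_signatures(trace)
    injection = match_set_thread_context(trace)
    if injection:
        report["Suspicious use of SetThreadContext"] = injection
    return report


if __name__ == "__main__":
    for name, evidence in triage(SAMPLE_TRACE).items():
        print(name)
        for item in evidence:
            print("   ", item)
```

The SetThreadContext rule deliberately requires the caller to have created the target suspended; SetThreadContext on its own is common in benign software, and it is the pairing with a suspended child plus memory writes that makes the signature worth a score.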

MITRE ATT&CK Enterprise v15

Tasks