General

  • Target

    8f863d304625540995913e53ce885ec3d02a58f3fa538ea28d1b1796bab83a49exe_JC.exe

  • Size

    937KB

  • Sample

    230806-wkehmsbd89

  • MD5

    89fc6efa03469d8f85b5e7cb61adf63e

  • SHA1

    df2c6f66b506b40589b71af51e94b59158b6483b

  • SHA256

    8f863d304625540995913e53ce885ec3d02a58f3fa538ea28d1b1796bab83a49

  • SHA512

    3b168bd205f1d962a0425484f82f11072946d8e83bee77e0936daee9d8d83c2f14338dc70bd07c19a5c73e50e1656fa87058762f66866124d87d437b05b8b3e7

  • SSDEEP

    12288:BEKaJ5AVRZYUaZNMWj8dSZnzaPokWqZUIZbK+C6WGnyntsXjeniIeRhkA:uAdLAMhStaP5/ZUIdjpWGyeqihP

Score
7/10

Malware Config

Targets

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, where infostealers often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks