Overview

overview

7

Static

static

3

SecuriteIn...82.exe

windows7-x64

3

SecuriteIn...82.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Trojan.PackedNET.2273.9489.3582.exe

  • Size

    600KB

  • Sample

    230815-t1ykcabh82

  • MD5

    47de122c36373a026aa257dc11308fd7

  • SHA1

    5038b85c562b99d66e8aa629da6a42ab2633699c

  • SHA256

    12e5b82532b73abb25218f602cc9df661e9f58a771631e3baf1f0145db6d74b5

  • SHA512

    a02a67105adf4ab197c67ed84ae2868967e987409354cb81426e52f19966805c9b0f009fcec1ee79416387d9f27132bc9d9fc4b50dc925f237d385991359b578

  • SSDEEP

    12288:QyY7EV/O8i3sB2e+3oEKyY14KDuMFyCNDkXZ49fkw:Qyk8qe0Kx9pNNQXZ498w

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      SecuriteInfo.com.Trojan.PackedNET.2273.9489.3582.exe

    • Size

      600KB

    • MD5

      47de122c36373a026aa257dc11308fd7

    • SHA1

      5038b85c562b99d66e8aa629da6a42ab2633699c

    • SHA256

      12e5b82532b73abb25218f602cc9df661e9f58a771631e3baf1f0145db6d74b5

    • SHA512

      a02a67105adf4ab197c67ed84ae2868967e987409354cb81426e52f19966805c9b0f009fcec1ee79416387d9f27132bc9d9fc4b50dc925f237d385991359b578

    • SSDEEP

      12288:QyY7EV/O8i3sB2e+3oEKyY14KDuMFyCNDkXZ49fkw:Qyk8qe0Kx9pNNQXZ498w

    Score
    7/10
    spywarestealer

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spywarestealer

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks