General

  • Target

    Geradores_3.rar

  • Size

    8.1MB

  • Sample

    230818-asj77sfh3w

  • MD5

    a48a1c5ca604125a30968cabf9389717

  • SHA1

    f9a43bef80f1c4093fb268f45c2abe0e992562a2

  • SHA256

    c7e6d3cc1d08a1554f05165849fd51053471da4fd14e6bae6e1eba74cecc7643

  • SHA512

    f27df657ecaf3ff73af8c13fb335777656f859ea2b119aa63c7d3f7254b39d66acf13ecc6fbf0b1e245f61bdd567647a90a45cc9e5c4bb07a6652278f1a4a0b8

  • SSDEEP

    196608:YX1aUva4eAiCIjNxO6jn838PB9+PM26BtWdS:W9VJ8y+n8yB9t/WdS

Score
8/10

Malware Config

Targets

    • Target

      Geradores_3.rar

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks