General

  • Target

    d57bd4eed2bef3986285e4063a369166c11750099cefc31f3a92eb69090d4c92

  • Size

    896KB

  • Sample

    230822-begqlahc44

  • MD5

    d75396f6e913b2f5bbb8e4aaeb1a4bcf

  • SHA1

    4af154992e763254eb26be55f811269ee952129d

  • SHA256

    d57bd4eed2bef3986285e4063a369166c11750099cefc31f3a92eb69090d4c92

  • SHA512

    12c5987095378e9e6a17c9370504956f6f3a3ddc3a2a5e5565e3517f10672ec62bbfbdb3bef90fe3aa2242ffdce3d0f3a4f23f2df9f015c7564adc58bfb8c10e

  • SSDEEP

    12288:f+70pKXQl2FNGptSWrCP2GR7qvf7KT3OQ4CR9yV20BTJp/R:A6CcvTKT3rG20BJpZ

Score
7/10

Malware Config

Targets

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks