General

  • Target

    ENh2f2mY.exe

  • Size

    4.7MB

  • Sample

    230827-c67lrsfa75

  • MD5

    1fe54ef4ab6309bd0c7a3d9a7fdfab91

  • SHA1

    88fbb9e4b34b1ec7a6a4f07ab40bd43630b75f2d

  • SHA256

    fa7dcd04e34ab6c57ccfe66682f354f959c70c0d412ec6f8b2631049e5d8c418

  • SHA512

    aead0a14c4e2717d510c2146c407843140d98d6379d9691197db64e015ccdf9f4c810f47054eb3efd849ee678d18c2f12a84171fd0b3e81d30fa8e9a868b446f

  • SSDEEP

    98304:SOdDp8DdbXbN9Jj0Cx2UkL+IUUa79JIZqv1VNE/ZaZZ63yS3:SOdDadzbN9p0Cx2UXv5JIovzNQQ/63

Score
7/10

Targets

    • Target

      ENh2f2mY.exe

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
