General

  • Target: build838.exe

  • Size: 370KB

  • Sample: 230901-knpx1adf7t

  • MD5: baea8727cf8923018d8235c66ae8d6a1

  • SHA1: 42750ff80df0ea75d1dc27484bb6775cf8065003

  • SHA256: 2d37d22eceb8632c2d94f155e17db628125d658a336e79725d757d13b657dc5d

  • SHA512: b9cd9cceeaa618395dbf486c83687b0a922a29734d5a3d463e3bf1143345416ad4e985184cca03ec59a7c5397270cfd2e3ebd06b620a2746642b17dea2d34866

  • SSDEEP: 6144:mMZ+4tD/t/a2zDGVPJXvnzZjDJHb571Kjn1929XDccHOL9bqY4S6X30/Y+59Y:T+GRatpvnzZjDv7oj19yTNYVwEe

Malware Config

Targets

    • Target: build838.exe

    • Reads user/profile data of web browsers

      Infostealers often harvest stored browser data, which can include saved credentials.

    • Accesses Microsoft Outlook profiles

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks