Overview

overview

7

Static

static

1

SuDecalsV1.1.exe

windows10-1703-x64

7

stub-o.pyc

windows10-1703-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SuDecalsV1.1.exe

  • Size

    7.0MB

  • Sample

    230903-rbb9psag64

  • MD5

    c56b5bfb0a49c807354426c9220fb130

  • SHA1

    7df9b0678a79e6df5fa185fe79de0d8917969af1

  • SHA256

    b3519f17ea2c9a3f53cfa58144d7da3bf93abeb20039e875e602a72bc0faeb85

  • SHA512

    4d8cbfe71b2d6364122fe76096b34cb1b215240defe430f17615306f569f268f5037525695bf8322a24899d81f15a5e912ad1f68a754f06dd654b4f5a2afc8be

  • SSDEEP

    196608:Z5SSQsGbT/9bvLz3S1bA329OqwGe6FUfWh:bGbTlj3S1bO29OqRBL

Score
7/10
spywarestealerupx

Malware Config

Targets

    • Target

      SuDecalsV1.1.exe

    • Size

      7.0MB

    • MD5

      c56b5bfb0a49c807354426c9220fb130

    • SHA1

      7df9b0678a79e6df5fa185fe79de0d8917969af1

    • SHA256

      b3519f17ea2c9a3f53cfa58144d7da3bf93abeb20039e875e602a72bc0faeb85

    • SHA512

      4d8cbfe71b2d6364122fe76096b34cb1b215240defe430f17615306f569f268f5037525695bf8322a24899d81f15a5e912ad1f68a754f06dd654b4f5a2afc8be

    • SSDEEP

      196608:Z5SSQsGbT/9bvLz3S1bA329OqwGe6FUfWh:bGbTlj3S1bO29OqRBL

    Score
    7/10
    spywarestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

    • Target

      stub-o.pyc

    • Size

      112KB

    • MD5

      a95a37f8504df2091f09b44c60de403a

    • SHA1

      f8096cc9be1c5cd33084e942a6142836431516c3

    • SHA256

      c419b528513842a3f36525fc716cfeb6d59f9a63ce47b67ab875228ee201e687

    • SHA512

      ba8c57727f24f0feebc849ca52757c45c7034a3cc716525b4b2b96348abb0d7ae18770cddd75de964b8e9e1c118dbc97d3045c2a3431a51902afbb9795cf1e28

    • SSDEEP

      3072:gql23rZGZftLakT6cX737hTugQWEX0E0yx8b+I3U6a:gl3FGnLU27xvQWEE5S8b33U6a

    Score
    3/10
    behavioral2

MITRE ATT&CK Enterprise v15

Tasks