General

  • Target

    setup_free.zip

  • Size

    10.1MB

  • Sample

    231003-sjhbcsed52

  • MD5

    c119f9703b856f21019dd41275372413

  • SHA1

    bebdbee12d8b0864e02bb89727b4b3959ff675ec

  • SHA256

    f65dabdd07a266b0fac6020d2a8f2ab9ab36059d648b82a65e06d58b160db343

  • SHA512

    8dfb4c20e28dc4037a2f05d6259aeabf437f097eba6ece8f38f512a22ee592f8d2ea693f05a9a9eefc5222ee01f1a6d7e308c363137b854f42cdfd448cd39bfd

  • SSDEEP

    196608:I+yZM4cwKKBiaFxBUAGT0uzkhr/fG2HBJhDh3KdJqJnyIQx3QBuS23Y:I+yZLcwpTFnUjzQK2HxR+8JRQup23Y

Malware Config

Targets

    • Target

      setup_free.exe

    • Size

      749.7MB

    • MD5

      e2fbe0199c7c92a1ce73dbf6b59e7c53

    • SHA1

      d825cfdb3220569ff7a30192c818902cd07520e3

    • SHA256

      5bfb996cc62444c0d05f28d7353975a01ea108ceb217dfea137b15aa87d8347b

    • SHA512

      33b2129db7edfebb049e45ec709f85b83db8d54f49aff51dabb53c347133aeeeb963dc371810442623241125a9e331570bde896d59335be44a3adae41f96c9cb

    • SSDEEP

      393216:4CliQO2uVUq5JHoOwJNiuMjT80LstQOjHFJ1eui:diQO2KJHEJ2T8WstQOjHFJe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks