General

  • Target

    a96b67d92b927feb54f4b3d37de9af76d4ce3b7dd20df4bb71567b69e2001368

  • Size

    7.1MB

  • Sample

    231011-xaqnlaee71

  • MD5

    c5d41d92dac11a02d31cc73c5f450fa5

  • SHA1

    1ccfbcfed98a69236315a81ade528010f239aacd

  • SHA256

    a96b67d92b927feb54f4b3d37de9af76d4ce3b7dd20df4bb71567b69e2001368

  • SHA512

    68cae2440957167228c5f8dac47d023c759815ce8bc2c74ef040c36b269eb649208fe881eb1951a8e0ee4d9e6fd6888a5af041fc25d92ebf8b01544502758f72

  • SSDEEP

    196608:91OZQLfJmGyixZoq44KHssGn4EhL+HBYLb6Ggq:3OZQLjswWGn4KLOeWq

Score
7/10

Targets

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile contents.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
