General

  • Target

    e050d1e627bdcf2755467c8d0cd3b53c_JC.exe

  • Size

    128KB

  • Sample

    231011-xrqd6aff51

  • MD5

    e050d1e627bdcf2755467c8d0cd3b53c

  • SHA1

    8911026f9e8ce4bae2a00c893e7b57374a030f68

  • SHA256

    5a5c8f55b05034b8b8d4f130d439006e5f78e464045eca3554de671b06719d81

  • SHA512

    7a95980a5541303483bfe1edcef7c99ae8636f4b29c7605d7dd15988aa56aa1c183e5489e43866f78c8f3c8f4d8be38f09fc1de117feddc1b8085800bc413017

  • SSDEEP

    1536:h7qnkAQtSaoGo5n4iLG0/WM6TJmHSaYqeyEjxQ8SXzpn9t6iNj5G0Aox9cJNWIfv:ICSjGoLpWM6VsBEjxQZdbx5Lxxu6IfoY

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.