Overview

overview

8

Static

static

3

SecuriteIn...22.exe

windows7-x64

8

SecuriteIn...22.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    SecuriteInfo.com.Win32.PWSX-gen.31328.3622.exe

  • Size

    207KB

  • Sample

    231031-p5r6xagb5t

  • MD5

    da7445c8881a286bbb427fa5854f8e79

  • SHA1

    bbe113b28ce76adbed21fb018848aba8a574fbca

  • SHA256

    a217dee30587e692a690bb7dbb8a43c77deb9dcff2522930c0b0f40d76f168b1

  • SHA512

    93988d30b627a1d7e7143ef2278a0160d04a8e003813c9089c3dd228bc577fa25b3ebf71b59f607e2cd6f4d8d7e9db0708e9775c036393d5112dd44d85248125

  • SSDEEP

    3072:pGT2UBSmePZRsM6QyGFbGf2WXWgAiBONUc:q2UBSdPZRsvG2X8

Score
8/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      SecuriteInfo.com.Win32.PWSX-gen.31328.3622.exe

    • Size

      207KB

    • MD5

      da7445c8881a286bbb427fa5854f8e79

    • SHA1

      bbe113b28ce76adbed21fb018848aba8a574fbca

    • SHA256

      a217dee30587e692a690bb7dbb8a43c77deb9dcff2522930c0b0f40d76f168b1

    • SHA512

      93988d30b627a1d7e7143ef2278a0160d04a8e003813c9089c3dd228bc577fa25b3ebf71b59f607e2cd6f4d8d7e9db0708e9775c036393d5112dd44d85248125

    • SSDEEP

      3072:pGT2UBSmePZRsM6QyGFbGf2WXWgAiBONUc:q2UBSdPZRsvG2X8

    Score
    8/10
    discoveryspywarestealer

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks