Overview

overview

7

Static

static

3

66484e9c8c...48.exe

windows7-x64

7

66484e9c8c...48.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    66484e9c8cab4bbc49e7bea5a5904c218968bf7aa4c0e63a2d5e52ddda8e1148

  • Size

    16KB

  • Sample

    231103-msw8zsag76

  • MD5

    edc9b592f3388a25259e3fe8ff0eb4b8

  • SHA1

    c4c43012cd8b9cd9b4807e160c23410cb4b615f6

  • SHA256

    66484e9c8cab4bbc49e7bea5a5904c218968bf7aa4c0e63a2d5e52ddda8e1148

  • SHA512

    5dae0472cb1e24ae0c92a8db22f430b534316aede32fd58a4455950cb096e79f988cfd9fb84241e1d88d2718825da98be436941270183134eb430231c4b58385

  • SSDEEP

    192:YcA0hyErRBqgOnPQPdcIdq20dqE5Ps6Z6GQO0bDDvz0EHITbKH62RTUz/PwLanJq:vJN0xIwtdn536bOEboEo3KH0z/PwLaJq

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      66484e9c8cab4bbc49e7bea5a5904c218968bf7aa4c0e63a2d5e52ddda8e1148

    • Size

      16KB

    • MD5

      edc9b592f3388a25259e3fe8ff0eb4b8

    • SHA1

      c4c43012cd8b9cd9b4807e160c23410cb4b615f6

    • SHA256

      66484e9c8cab4bbc49e7bea5a5904c218968bf7aa4c0e63a2d5e52ddda8e1148

    • SHA512

      5dae0472cb1e24ae0c92a8db22f430b534316aede32fd58a4455950cb096e79f988cfd9fb84241e1d88d2718825da98be436941270183134eb430231c4b58385

    • SSDEEP

      192:YcA0hyErRBqgOnPQPdcIdq20dqE5Ps6Z6GQO0bDDvz0EHITbKH62RTUz/PwLanJq:vJN0xIwtdn536bOEboEo3KH0z/PwLaJq

    Score
    7/10
    persistencespywarestealer

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks