General

  • Target: run.exe
  • Size: 13.2MB
  • Sample: 231104-lmg2faeg8y
  • MD5: 9b562b261c39eaada13261bf18b289fe
  • SHA1: 24441e3dbf2e3c020c13f13e28d8a5b91d8cc884
  • SHA256: 9f68a350d93d11106d80961b5c78d3e80397486ea27ba878c45ab09d04cb98a1
  • SHA512: 967413c012bba442d54d4ffce9b666213c996cf46e62d18c63c511060aef1a75fee538571f2e2a6aa67994b173b4483e0463d5ba9c304c72dc818719ce89470b
  • SSDEEP: 393216:8iIE7Yo9+4uaW+eGQRJ9jo7BGcGRY/dt1WomY:17r9+RaW+e5RJ9MtpmY

Malware Config

Targets

    Score: 7/10

    • Drops startup file
    • Loads dropped DLL
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials, etc.
    • Accesses cryptocurrency files/wallets, possible credential harvesting
    • Looks up external IP address via web service
      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks