General

  • Target

    Securaforge.exe

  • Size

    19.7MB

  • Sample

    231104-sefa7sdh96

  • MD5

    0f30295833496cb41d844ea3c3ab405b

  • SHA1

    9ed30c8654837447cb9cb7e494ab230c05a068d1

  • SHA256

    4dea7012a376d5da5c950ec505e76c18646fcb9f30d83afbc6343f42a8193073

  • SHA512

    f007b8e4bf8626b2f2d41f683a6793d0fff56d139ddf8c75293c41d2714c3d24b20f30491f7deee3f5afba88a01ad0b882c35df65552af014d5e85f577028c01

  • SSDEEP

    393216:GmuJ9QU6rwJsUfujnbp2ZqjauUoG9itiIE7YodVExk3meWcGfdlYM/kB7:GVR6rwJsuEF2ZqjaG2D7rdWag5FlYy

Malware Config

Targets

    • Target

      Securaforge.exe

    • Score

      7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks