General

  • Target

    Nudes-Package.exe

  • Size

    61.5MB

  • Sample

    231107-tep13sch85

  • MD5

    132b081639b1393ca7244b3be9e6206b

  • SHA1

    d73671886db34708a9daed1796e53677912332bd

  • SHA256

    614457268d640309c11d3d36219059fe2c4e696b435b19af9be582f53b8765ae

  • SHA512

    d381ae27d02d8fc30dfaf54da133178de82137fa8d63451df829c8bc86f9b453cffe8269d5a40978ebd354eb2254972a138de3018cdd1a4108ac4cbf0cb7d667

  • SSDEEP

    1572864:pm6PjdMP+KSFHV3rPWeroWc3bMw3u1QiU6J:U6Lds+1HVbPW9WYbr/6J

Score
7/10

Targets

    • Target

      Nudes-Package.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
