General

  • Target

    xxx.exe

  • Size

    183KB

  • Sample

    231112-xgr51abb98

  • MD5

    aeb412575c6878dbe2b8dc21e5f935bf

  • SHA1

    93b44123ab08b09a609aeb62ef1f1b40849ea1bb

  • SHA256

    7be8d18d017d5c86c32152dc7275c583ab314f747865a8ee9055b06e0a11bffb

  • SHA512

    5c87aa5ddc3ecf5a01f3be214b7417f2fa3954bc6e304af5d9328e63e00e18ccbd426ba23ed01701a3723b380c22d6ee0e60947a9f3ff953fae49b693135c513

  • SSDEEP

    3072:iY8h9uU9gKkH+LGP34oiKerVUzeeDXbwa21D59ua/aHyvZR7d2iE:iY8HuU1ybwv

Malware Config

Targets

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar sensitive items.

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks