General

  • Target

    a51647307e94aa71ba9b4d860ab63ee1

  • Size

    610KB

  • Sample

    231120-new7hage8w

  • MD5

    a51647307e94aa71ba9b4d860ab63ee1

  • SHA1

    cb93981e00abbfeace3c65b74951a0a3e9130efe

  • SHA256

    2ed59bb027b77d959153fcec36f4a65551391ab624c313f1ce90561c17bc1988

  • SHA512

    a8e1cc4e2ebfb04722024e687a603262e9931bb140c0b5525c26513bd36bdbb11f8320dbe2313f87385723f65f505548cbfdc2a2c4edc7a9bfd3228922a576e5

  • SSDEEP

    12288:mgddXbnZ/hNKg1bdsJr2miNl1Ms/BMKbG4LcmkS/Jdn4SUtbA:TddXbnJnF4JrUl1wK/n/Jdn4b8

Malware Config

Targets

    • Target

      Updatе.exe

    • Size

      699KB

    • MD5

      3f6d2aa85fcd8e38412f4ab60f8f47f4

    • SHA1

      7766ac3f9692746896f25ee85eff6b063649dd12

    • SHA256

      3eb644492c55f3afab73d0b9842a835d67ccf35c46767d45ae7d2e78fc96d7e5

    • SHA512

      b5e9c9f79b55757277a9c1a3559d18a50eddb5a68383e6deea1dc6bc22b6f5259d51d75adcdb961bebc635e79bf50a9d8c8bb97e6283590fc53ea23ec5b69890

    • SSDEEP

      12288:R1nGfvqfcZCnVsUonX/hNKo1FdsJt2m2Nl1KsHBMIDG4LcykS/xXn8SUtbR+i:RrcZ0VGnPnveJxwl1uu/9/xXn8b4

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, where infostealers often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks