General

  • Target

    SecuriteInfo.com.Win32.PWSX-gen.24848.3090.exe

  • Size

    275KB

  • Sample

    231123-z56dmsdc9s

  • MD5

    dda4fb7debe83135087e6e1965982cff

  • SHA1

    1f5046d4f5ef48a414ec8b3f0e6bd852535fb5ca

  • SHA256

    1b64126ea9a672c967f64b6b379d3a1643bfda0da2bd58f66b07e16c8fd1946d

  • SHA512

    897d7b62af3786b74be87908b3c4d38b5c901082dcbef9073773cfa765331330750109b3009d149836a748f72c56d265f9576402fa8693befc89678e28b6ac74

  • SSDEEP

    3072:BHN0wp7/AcRnTG1ytiiGa9k9Kap7q9lSMCMc0Ml92PtjAVFUpxzS:kkjDnqDasKap7qeM1cD9WtjW0x

Malware Config

Targets

    • Target

      SecuriteInfo.com.Win32.PWSX-gen.24848.3090.exe

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Deletes itself

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
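
The three registry and file-access signatures above can be reproduced with a small behaviour matcher. The block below is an added example, not part of the sandbox report or its signature engine: it runs a set of path regexes over constructed sandbox events and reports which of the report's signatures fire. The registry value for the country code (Control Panel\International\Geo\Nation), the FileZilla configuration file names and the Uninstall key path are the well-known locations these checks normally hit and are assumptions here, as are the sample events.

```python
"""Added example: a minimal behaviour-signature matcher for sandbox events.

Not code from the report. Registry/file paths below are the usual locations
behind the three signatures and are assumptions; the events are constructed.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    op: str    # e.g. "RegQueryValue", "RegEnumKey", "CreateFile"
    path: str  # registry key/value or file path as a sandbox would log it


# (signature name, description as the report phrases it, path regexes)
SIGNATURES = [
    ("checks_computer_location",
     "Looks up the country code configured in the registry, likely a geofence check.",
     [r"\\Control Panel\\International\\Geo\\Nation$",
      r"\\Control Panel\\International\\LocaleName$"]),
    ("reads_ftp_client_data",
     "Tries to access configuration files associated with programs like FileZilla.",
     [r"\\FileZilla\\(sitemanager|recentservers|filezilla)\.xml$"]),
    ("checks_installed_software",
     "Looks up Uninstall key entries in the registry to enumerate software.",
     [r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)"]),
]


def match_signatures(events):
    """Return {signature_name: [paths that triggered it]} for the given events."""
    hits = {}
    for ev in events:
        for name, _desc, patterns in SIGNATURES:
            if any(re.search(p, ev.path, re.IGNORECASE) for p in patterns):
                hits.setdefault(name, []).append(ev.path)
    return hits


# Constructed sample events; the last one is benign noise that must not match.
SAMPLE_EVENTS = [
    Event("RegQueryValue", r"HKEY_CURRENT_USER\Control Panel\International\Geo\Nation"),
    Event("RegOpenKey",    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    Event("RegEnumKey",    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SomeApp"),
    Event("CreateFile",    r"C:\Users\user\AppData\Roaming\FileZilla\sitemanager.xml"),
    Event("CreateFile",    r"C:\Users\user\AppData\Roaming\FileZilla\recentservers.xml"),
    Event("CreateFile",    r"C:\Users\user\AppData\Local\Temp\tmp1234.tmp"),
]


if __name__ == "__main__":
    for name, paths in match_signatures(SAMPLE_EVENTS).items():
        print(f"{name}:")
        for p in paths:
            print(f"    {p}")
```

Matching on the full logged path rather than on the file name alone keeps the FileZilla rule from firing on unrelated sitemanager.xml files, and anchoring the Uninstall pattern to the key or its direct subkeys is what turns a single RegOpenKey plus RegEnumKey sequence into one "enumerates installed software" hit.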

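Why the FileZilla read matters: FileZilla 3 keeps saved sites in %APPDATA%\FileZilla\sitemanager.xml with the password stored as base64 in a Pass element (encoding="base64"), so any process that can read the file recovers the plaintext credential. The parser below is an added example, not code from the report or from FileZilla; the XML is constructed and the element layout reflects FileZilla 3's format as an assumption (a configured master password changes the Pass encoding and is not decodable this way).

```python
"""Added example: what a stealer harvests from FileZilla's sitemanager.xml.

Not code from the report. The XML is constructed; the element names follow
FileZilla 3's saved-site format (assumption).
"""
import base64
import xml.etree.ElementTree as ET

# Constructed sample file; "aHVudGVyMg==" is base64 for "hunter2".
SAMPLE_SITEMANAGER = """<?xml version="1.0" encoding="UTF-8"?>
<FileZilla3 version="3.66.0" platform="windows">
  <Servers>
    <Server>
      <Host>ftp.example.test</Host>
      <Port>21</Port>
      <Protocol>0</Protocol>
      <Type>0</Type>
      <User>webadmin</User>
      <Pass encoding="base64">aHVudGVyMg==</Pass>
      <Logontype>1</Logontype>
      <Name>example site</Name>
    </Server>
    <Server>
      <Host>sftp.example.test</Host>
      <Port>22</Port>
      <Protocol>1</Protocol>
      <Type>0</Type>
      <User>deploy</User>
      <Logontype>0</Logontype>
      <Name>key-based site</Name>
    </Server>
  </Servers>
</FileZilla3>
"""


def extract_sites(xml_text):
    """Return [(host, port, user, password_or_None)] for every saved site.

    Passwords are recovered only when stored with encoding="base64" (the
    default without a master password); anything else is reported as None.
    """
    root = ET.fromstring(xml_text)
    sites = []
    for srv in root.iter("Server"):
        host = srv.findtext("Host")
        port = int(srv.findtext("Port") or 0)
        user = srv.findtext("User")
        password = None
        pw_el = srv.find("Pass")
        if pw_el is not None and pw_el.text and pw_el.get("encoding") == "base64":
            password = base64.b64decode(pw_el.text).decode("utf-8", "replace")
        sites.append((host, port, user, password))
    return sites


if __name__ == "__main__":
    for host, port, user, password in extract_sites(SAMPLE_SITEMANAGER):
        print(f"{user}@{host}:{port} password={password!r}")
```

Because the file is readable by anything running as the user, a CreateFile on sitemanager.xml or recentservers.xml by a process that is not filezilla.exe is a strong indicator on its own; the "Reads data files stored by FTP clients" signature is essentially that check.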
MITRE ATT&CK Enterprise v15

Tasks