General

  • Target

    d363eb55ceaf45f4732d7626ecf984aa9a84893e17201397fed96d803f57412f

  • Size

    237KB

  • Sample

    231126-2hznpacg9w

  • MD5

    b1886e56eee344b730dbd3ca44cc8545

  • SHA1

    ffb3033939f598d3da17cea12624a0187a78b488

  • SHA256

    d363eb55ceaf45f4732d7626ecf984aa9a84893e17201397fed96d803f57412f

  • SHA512

    ddf96229ca8bff678569c6bff4010b8b96d8b26786406fd15d6f7c16f989202cc2df465e1d0435429d20f02c948ae3ae17031614b0f17fa29bb37d0317c69c8f

  • SSDEEP

    3072:05sRLyyxfsSrem3lRd5Ubwf+pxZYH7VReWFU5w+IxBb:1MyxS2fawmQHSYzn

Malware Config

Targets

    • Target

      d363eb55ceaf45f4732d7626ecf984aa9a84893e17201397fed96d803f57412f

    • Downloads MZ/PE file

    • Deletes itself

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
