General

  • Target: Sane_-_Autogift.rar
  • Size: 6.8MB
  • Sample: 231220-bfz9bsdegp
  • MD5: 65f87448d5eb93acba62cc2b7f7726ae
  • SHA1: 6630e93a3c38dec655eb87c3f47cef3c6750f1b8
  • SHA256: 5aaa7395254b132887bfeb8467bff55ba9226be98291693d8b64f97c4418da52
  • SHA512: d7413238b287d7d42ef2f05b49ef22b1884b9843508dbe5c1acd8627e52f12dd727e2aee05349b5585a0db5914f634ff019982a86e48ac5e63bf1ef3d9473ee2
  • SSDEEP: 196608:mSpBbOd3qIEemUVNMY5pyB5St973hJBdzjsYV:m8IYUzbyB5STTdhzV

Targets

    • Target: Sane - Autogift/Auto Gift.exe
    • Size: 6.9MB
    • MD5: f903a71919721cb1ddd44583482b8ca6
    • SHA1: 599d135719a4dcee7c26791869133fcf2ed2f21f
    • SHA256: 2b81f820e1ef430d88f39bcbf262fb9ae69fdaba92c8e7f1403c97d9eb5bc155
    • SHA512: 5e84bf919b736a5525386763d63c60040fe722bf9f14bb7c26ada258830a3049badbeb36819ef3cbca3eccf7938ce20738adcd6a7f980b38d3bd4d5aac802fbd
    • SSDEEP: 98304:sRRzHqdVfB2FS27wg/yuT/9vUIdD9C+z3zO917vOTh+ezDNh7ovmJ1nmOBN9n4mS:sDQsfbT/9bvLz3S1bA3zNn97zJW

    Score: 7/10

    • Executes dropped EXE
    • Loads dropped DLL
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.
    • UPX packed file
      Detects executables packed with the UPX open-source packer or a modified UPX variant.
    • Accesses cryptocurrency files/wallets, possible credential harvesting
    • Legitimate hosting services abused for malware hosting/C2
    • Looks up external IP address via web service
      Uses a legitimate IP lookup service to find the infected system's external IP.
