Overview

overview

7

Static

static

3

70b2c6b6c7...21.exe

windows7-x64

7

70b2c6b6c7...21.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    70b2c6b6c74c1ad8b85f3c3b55b03d21

  • Size

    812KB

  • Sample

    231222-fzybashcdm

  • MD5

    70b2c6b6c74c1ad8b85f3c3b55b03d21

  • SHA1

    6f68ccd81c6520ca9e9b858f02e5f50e319ff4d0

  • SHA256

    967963c655388dbd1020f110d14496e67dde7fa16c3ec0ea2d0b09d3a60b4fdd

  • SHA512

    b5d2971de85f3c958e2f11319d6052629031496762c4997321f1e4bcfd26ff1d9478ab2e88ec84622012343b8e73fef4c2a6c813882c375a06f3e07f22271111

  • SSDEEP

    12288:KJ3/CLaChS8MtDudUNNT/X3ceg7LmNowXdez0w/+6DjeIpcwroqATl/tfbDJuGxb:gPCThS8MtDuS7/XbC0jw/PpcWA7bsGJ

Score
7/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      70b2c6b6c74c1ad8b85f3c3b55b03d21

    • Size

      812KB

    • MD5

      70b2c6b6c74c1ad8b85f3c3b55b03d21

    • SHA1

      6f68ccd81c6520ca9e9b858f02e5f50e319ff4d0

    • SHA256

      967963c655388dbd1020f110d14496e67dde7fa16c3ec0ea2d0b09d3a60b4fdd

    • SHA512

      b5d2971de85f3c958e2f11319d6052629031496762c4997321f1e4bcfd26ff1d9478ab2e88ec84622012343b8e73fef4c2a6c813882c375a06f3e07f22271111

    • SSDEEP

      12288:KJ3/CLaChS8MtDudUNNT/X3ceg7LmNowXdez0w/+6DjeIpcwroqATl/tfbDJuGxb:gPCThS8MtDuS7/XbC0jw/PpcWA7bsGJ

    Score
    7/10
    discoverypersistencespywarestealerupx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks