Overview

overview

7

Static

static

7

ca1ab6be2a...6a.exe

windows7-x64

7

ca1ab6be2a...6a.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    ca1ab6be2a64b37d53e00ef0f711576a

  • Size

    222KB

  • Sample

    231222-r4w5ksfbd2

  • MD5

    ca1ab6be2a64b37d53e00ef0f711576a

  • SHA1

    61d797ef14809a7d419db2ae4256a95a68f3a8fc

  • SHA256

    c08f68e04c5c2a2362c8256618a92082e81e9f7c50535d4ff9acef4342449efa

  • SHA512

    d1fcc89819f6751be8b70fd020ca2cc9d417cd5c2f07fe100d29f5341cefa0b42312fba84f5ad3f12b036b8815d5ee22ed7b58c4d1db4cf57073f957649739aa

  • SSDEEP

    3072:sr3KcWmjRrzSi9a32Golk3Z8edP5yXfezMYt2XzPE8K19kVyHE3SFQD7XJHPVswU:/I3GGQPMGx2js8O9uyk3iwZHt5Up

Score
7/10
persistencespywarestealerupx

Malware Config

Targets

    • Target

      ca1ab6be2a64b37d53e00ef0f711576a

    • Size

      222KB

    • MD5

      ca1ab6be2a64b37d53e00ef0f711576a

    • SHA1

      61d797ef14809a7d419db2ae4256a95a68f3a8fc

    • SHA256

      c08f68e04c5c2a2362c8256618a92082e81e9f7c50535d4ff9acef4342449efa

    • SHA512

      d1fcc89819f6751be8b70fd020ca2cc9d417cd5c2f07fe100d29f5341cefa0b42312fba84f5ad3f12b036b8815d5ee22ed7b58c4d1db4cf57073f957649739aa

    • SSDEEP

      3072:sr3KcWmjRrzSi9a32Golk3Z8edP5yXfezMYt2XzPE8K19kVyHE3SFQD7XJHPVswU:/I3GGQPMGx2js8O9uyk3iwZHt5Up

    Score
    7/10
    persistencespywarestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks