General

  • Target

    209f2fdf77a3564799d28ab571274957

  • Size

    1.8MB

  • Sample

    231225-qdl19ahgd7

  • MD5

    209f2fdf77a3564799d28ab571274957

  • SHA1

    7ad3f0838775aa69c9435c499f5ad7b8dd572a82

  • SHA256

    59b8b80e0b859c491bdf08e2601d95e7a17bd64f3cd22ebf4238b1bb2030897a

  • SHA512

    3c6fb96ff801125fa50a44cc2893f6c4e67e0889dec86c798b23dbc2f71f865f17821e6703a41c4623c725d4121f9bcdad4d590e9b92e2477043adac6396fec1

  • SSDEEP

    49152:0lCANE/dgoWrbncSTr8d0qW9BT2HxKkaBdPk30Vv:UCANokbbdXBW30V

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks