General

  • Target: 3750dccb8ebd6715b58f57c1542d7004
  • Size: 234KB
  • Sample: 231225-xzst9abfd5
  • MD5: 3750dccb8ebd6715b58f57c1542d7004
  • SHA1: fe8549d7089bdef208d380daa941a3d0c39f3f1c
  • SHA256: e020fe7855fe9eef12b4b08d3fc6aea2f869b34292d2185c6741a3a1f6e759c3
  • SHA512: d6e3f0bc8d07c14486b5160cbe323bbd88e100fe01877c0bb0bbe2b6cfcde13b81d2ab806156aed971a34a9dc92303634a0ef2c60129b2f7c51ffb911c768249
  • SSDEEP: 3072:CyAxEVRS4J9UaIFNTtf1Hpu4cf0hC7zZlVQ04aCpSNnpyRFyHTKewNp09u4/r2Ys:Ix4tJjOTtGXMhC7ZKSNnpyTPjDy/Sb

Score
7/10

Malware Config

Targets

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks