Overview

overview

7

Static

static

7

f6d560195b...7d.exe

windows7-x64

7

f6d560195b...7d.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    f6d560195b7278796e3892048cb1557d

  • Size

    97KB

  • Sample

    231228-zht24agbc7

  • MD5

    f6d560195b7278796e3892048cb1557d

  • SHA1

    f2336dc985e81b002d7872a0b65b6f272c044171

  • SHA256

    8a633a32a2b3d9cdc2fb84908965c904246749078dcf9c02c2b21ec2a79f8ae8

  • SHA512

    4029ebdcf9e675d96280658ebb4ef8a8b23200540f94c4bc3f6fafd93d9688afb263437f67eae8bdb578c553274176cba793c38c0dfa74c1f80df942ad06daf5

  • SSDEEP

    3072:SKcWmjRrz3fspxdysZAXp3+xLtP7DKYQzgQl:hG0pxAsZAXpuxLhTYgQl

Score
7/10
persistencespywarestealerupx

Malware Config

Targets

    • Target

      f6d560195b7278796e3892048cb1557d

    • Size

      97KB

    • MD5

      f6d560195b7278796e3892048cb1557d

    • SHA1

      f2336dc985e81b002d7872a0b65b6f272c044171

    • SHA256

      8a633a32a2b3d9cdc2fb84908965c904246749078dcf9c02c2b21ec2a79f8ae8

    • SHA512

      4029ebdcf9e675d96280658ebb4ef8a8b23200540f94c4bc3f6fafd93d9688afb263437f67eae8bdb578c553274176cba793c38c0dfa74c1f80df942ad06daf5

    • SSDEEP

      3072:SKcWmjRrz3fspxdysZAXp3+xLtP7DKYQzgQl:hG0pxAsZAXpuxLhTYgQl

    Score
    7/10
    persistencespywarestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks