Overview

overview

8

Static

static

3

f7b64d86a4...c2.exe

windows7-x64

8

f7b64d86a4...c2.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    f7b64d86a4a503cc69dd481edcaea5c2

  • Size

    84KB

  • Sample

    231228-zr4ynaebdn

  • MD5

    f7b64d86a4a503cc69dd481edcaea5c2

  • SHA1

    3b20a8645d8e83514755a97e8bff163b53fd673e

  • SHA256

    cffaaf7a64fe3aec601bdb3b9747b46c80fb14f66a6f9ee284314baf34085b9c

  • SHA512

    c438ef69fcc6483b42bd0e78504136062ab9e8be8c567ce3a895623aa93c474614723360eae67a87ecb511831371f1af876a477c093ec60f0c823cc7ac87d540

  • SSDEEP

    1536:0LE5nnQe9kzuY21ixKmppo+BuO0arCTizh7Jh5Rtk3yTzgZK:l5nx9tYc59ja7J/Rtog

Score
8/10
persistencespywarestealer

Malware Config

Targets

    • Target

      f7b64d86a4a503cc69dd481edcaea5c2

    • Size

      84KB

    • MD5

      f7b64d86a4a503cc69dd481edcaea5c2

    • SHA1

      3b20a8645d8e83514755a97e8bff163b53fd673e

    • SHA256

      cffaaf7a64fe3aec601bdb3b9747b46c80fb14f66a6f9ee284314baf34085b9c

    • SHA512

      c438ef69fcc6483b42bd0e78504136062ab9e8be8c567ce3a895623aa93c474614723360eae67a87ecb511831371f1af876a477c093ec60f0c823cc7ac87d540

    • SSDEEP

      1536:0LE5nnQe9kzuY21ixKmppo+BuO0arCTizh7Jh5Rtk3yTzgZK:l5nx9tYc59ja7J/Rtog

    Score
    8/10
    persistencespywarestealer

    • Sets DLL path for service in the registry

      persistence

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks