Overview

overview

7

Static

static

7

2ccbdb7e5e...7a.exe

windows7-x64

7

2ccbdb7e5e...7a.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2ccbdb7e5ee99f42139c7d03e84d657a

  • Size

    365KB

  • Sample

    231231-hynftachgr

  • MD5

    2ccbdb7e5ee99f42139c7d03e84d657a

  • SHA1

    debae0802f3c4d36602030a81fa5080da6a511bc

  • SHA256

    97baf60d4a7a53d0eefd438405a01856036abe9312e06de8bcdd50b4ab275b5e

  • SHA512

    c8cf3e9fb8fbe2b691e912f11b35fa001c148ddd1c4101b5af1104ced9fa9c39b39ff3cbc7afdb14fde0303bbadebedb615af4cb75b9335a4dc3dfd8774838cd

  • SSDEEP

    6144:hGyGjUW3C45YFxjTG0DJ4IeuNQWTbpMn4Qh0PlyGRWnxBhQDj6A9q5yb82Yf:h3a5UMITNiHiljUThebqw82Q

Score
7/10
persistencespywarestealerupx

Malware Config

Targets

    • Target

      2ccbdb7e5ee99f42139c7d03e84d657a

    • Size

      365KB

    • MD5

      2ccbdb7e5ee99f42139c7d03e84d657a

    • SHA1

      debae0802f3c4d36602030a81fa5080da6a511bc

    • SHA256

      97baf60d4a7a53d0eefd438405a01856036abe9312e06de8bcdd50b4ab275b5e

    • SHA512

      c8cf3e9fb8fbe2b691e912f11b35fa001c148ddd1c4101b5af1104ced9fa9c39b39ff3cbc7afdb14fde0303bbadebedb615af4cb75b9335a4dc3dfd8774838cd

    • SSDEEP

      6144:hGyGjUW3C45YFxjTG0DJ4IeuNQWTbpMn4Qh0PlyGRWnxBhQDj6A9q5yb82Yf:h3a5UMITNiHiljUThebqw82Q

    Score
    7/10
    persistencespywarestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks