Overview

overview

7

Static

static

3

51f8571bfb...b1.exe

windows7-x64

6

51f8571bfb...b1.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    51f8571bfb8f802879f9dd223340fbb1

  • Size

    12KB

  • Sample

    240110-3ylbnsafdm

  • MD5

    51f8571bfb8f802879f9dd223340fbb1

  • SHA1

    400ec768679682454e655d59dfcb387baf5ed42d

  • SHA256

    b756853fe6887b917869dc1bfbfd0d3f4024aa3beccac1638354eafb19acc75c

  • SHA512

    e2e2947c68b2128e1ac2d1417a0723b2c1669f114a865a2254ea951f16b1f05fa122a8ee47493bdbe1b33e36fdb6c80969a8ddd060445500a27562162a0b1541

  • SSDEEP

    384:Q0KjMB9JTUA0IKHpj8s8XH0grR0E/5i5:SjMyPIGjAHlC5

Score
7/10
microsoftpersistencephishingspywarestealer

Malware Config

Targets

    • Target

      51f8571bfb8f802879f9dd223340fbb1

    • Size

      12KB

    • MD5

      51f8571bfb8f802879f9dd223340fbb1

    • SHA1

      400ec768679682454e655d59dfcb387baf5ed42d

    • SHA256

      b756853fe6887b917869dc1bfbfd0d3f4024aa3beccac1638354eafb19acc75c

    • SHA512

      e2e2947c68b2128e1ac2d1417a0723b2c1669f114a865a2254ea951f16b1f05fa122a8ee47493bdbe1b33e36fdb6c80969a8ddd060445500a27562162a0b1541

    • SSDEEP

      384:Q0KjMB9JTUA0IKHpj8s8XH0grR0E/5i5:SjMyPIGjAHlC5

    Score
    7/10
    persistencemicrosoftphishingspywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks