General

  • Target: 7efa886dc52826ba50a430b4bc11242b
  • Size: 3.5MB
  • Sample: 240129-fwgt5sagd5
  • MD5: 7efa886dc52826ba50a430b4bc11242b
  • SHA1: f732b0b94d6d5e99fd120bc3a5360ebbf1d46004
  • SHA256: f06ddda9afdc89e65cbe819c0eecef522c961924527829ba3cf7b11a271c0eaa
  • SHA512: 2c9fb8af9a10b3431a63c4624948ada993a368cafc88da43ee011f65e41acf0188b3b2f721001b62d18c0769efe73df79d4d8c4458e5d25933274d816c9d60c2
  • SSDEEP: 98304:pRS6nfSOQZOt+CW+7EELhF3gxpNOf2k2Y/d9DJJzM:pkj8NBFwxpNOuk2eDjg

Targets

    • Stops running service(s)
    • Checks computer location settings: looks up the country code configured in the registry, likely as a geofence check.
    • Deletes itself
    • Executes dropped EXE
    • Loads dropped DLL
    • Reads user/profile data of web browsers: infostealers often target stored browser data, which can include saved credentials and other sensitive information.
