Overview

overview

7

Static

static

7

871590c21d...9a.exe

windows7-x64

7

871590c21d...9a.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    871590c21dce42ef7478e8c2c87aa39a

  • Size

    220KB

  • Sample

    240201-rg7msshahp

  • MD5

    871590c21dce42ef7478e8c2c87aa39a

  • SHA1

    cdac237afa5220b4b9755a13e8e22d0d91cef3d3

  • SHA256

    ac4d6a524d2cfa7d64b801358cda2a098d868ae1fa710dbd88b10ea3679e0c91

  • SHA512

    d51778d379eedd687d2c9287db86105b0291c4a64a627f018f8e987063559d0b2bd7b4e523b672839945fbadc986000a45a1e960ccdbf62ac56b3cf2112d8ba9

  • SSDEEP

    3072:bjr87S7Gnzbo6KcWmjRrz3VRzetvkcipd3YvPMtqpxeNwcc7FOFN540KDI:AZvMGVqkNd3EPdpEqcc7Ez4DI

Score
7/10
persistencespywarestealerupx

Malware Config

Targets

    • Target

      871590c21dce42ef7478e8c2c87aa39a

    • Size

      220KB

    • MD5

      871590c21dce42ef7478e8c2c87aa39a

    • SHA1

      cdac237afa5220b4b9755a13e8e22d0d91cef3d3

    • SHA256

      ac4d6a524d2cfa7d64b801358cda2a098d868ae1fa710dbd88b10ea3679e0c91

    • SHA512

      d51778d379eedd687d2c9287db86105b0291c4a64a627f018f8e987063559d0b2bd7b4e523b672839945fbadc986000a45a1e960ccdbf62ac56b3cf2112d8ba9

    • SSDEEP

      3072:bjr87S7Gnzbo6KcWmjRrz3VRzetvkcipd3YvPMtqpxeNwcc7FOFN540KDI:AZvMGVqkNd3EPdpEqcc7Ez4DI

    Score
    7/10
    persistencespywarestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks