Resubmissions

  Date, time          Analysis ID          Score
  10/04/2024, 02:20   240410-csmdnsbh67    7
  10/04/2024, 02:20   240410-cslr5sfc3v    7
  10/04/2024, 02:20   240410-csk6lsbh66    7
  10/04/2024, 02:20   240410-cskvvafc3t    7
  07/02/2024, 00:55   240207-a9wbssahf7    7
  04/02/2024, 03:30   240204-d2n5asafcp    7
  01/02/2024, 05:13   240201-fwg5xacad9    7
  24/12/2023, 22:44   231224-2nv8fsggd7    10

General

  • Target

    bcd47dfcab580e884a5bf936e5b243a0cb83b6ddf7a48c669328ddd1893fa830

  • Size

    3.0MB

  • Sample

    240204-d2n5asafcp

  • MD5

    715b2b88bb473680a983c6a60c69491f

  • SHA1

    e909cdb4618307a1df57a58702f0bff72c0164f8

  • SHA256

    bcd47dfcab580e884a5bf936e5b243a0cb83b6ddf7a48c669328ddd1893fa830

  • SHA512

    1e216aecf4bb7810cc58e943939b5458343e9858ee1419bdf7a4daaf92b04d0ea86ae270dccb5f8e5fcdfb70c084ac744b157d53b20ad34f3eba52f1d073d81b

  • SSDEEP

    24576:+0aQZvWqj2YB+nFLaLfaUY3Y2RlGemVFrmzTe8Kt8YsfhIyRSMG1czjqyDQKijNe:+09EGZeUZ24rUTRtg8d4NOkFVyrdR

Malware Config

Targets

    • Target

      bcd47dfcab580e884a5bf936e5b243a0cb83b6ddf7a48c669328ddd1893fa830

    • Size

      3.0MB

    • MD5

      715b2b88bb473680a983c6a60c69491f

    • SHA1

      e909cdb4618307a1df57a58702f0bff72c0164f8

    • SHA256

      bcd47dfcab580e884a5bf936e5b243a0cb83b6ddf7a48c669328ddd1893fa830

    • SHA512

      1e216aecf4bb7810cc58e943939b5458343e9858ee1419bdf7a4daaf92b04d0ea86ae270dccb5f8e5fcdfb70c084ac744b157d53b20ad34f3eba52f1d073d81b

    • SSDEEP

      24576:+0aQZvWqj2YB+nFLaLfaUY3Y2RlGemVFrmzTe8Kt8YsfhIyRSMG1czjqyDQKijNe:+09EGZeUZ24rUTRtg8d4NOkFVyrdR

    • Checks computer location settings

      Reads the country/locale configured in the registry (Windows keeps it under HKCU\Control Panel\International, with the GeoID in the Geo\Nation value). This is a common geofencing check: the sample can refuse to run, or change behaviour, on systems in particular locales.

    • Executes dropped EXE

      Writes a new executable to disk and launches it, so the behaviour of the later stages is not visible from the submitted file alone.

    • Reads user/profile data of web browsers

      Infostealers routinely harvest stored browser data: saved credentials, cookies and session tokens, autofill entries and browsing history.

    • Accesses Microsoft Outlook profiles

      Outlook profile data in the registry holds mail account settings and can hold stored credentials, another common infostealer target.

    • Checks installed software on the system

      Enumerates the Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node and HKCU counterparts) to list installed software, typically for victim profiling and to spot security products or analysis tools.

    • Looks up external IP address via web service

      Contacts a legitimate public IP-lookup service to learn the infected system's external IP address, usually for victim profiling and geolocation. The request to such a service is itself a useful network indicator.
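The signatures above describe artefacts a sandbox observes in registry, file, process and DNS activity. The following script, an added example that is not part of this report or of the sandbox's own signature engine, flags the same six behaviours in a constructed process-monitor style event stream. The event schema (fields `op`, `pid`, `path`, `access`, `image`, `host`) and the list of IP-lookup hostnames are assumptions chosen for the example; the registry and profile paths are the standard Windows locations named in the descriptions.

```python
"""Flag the sandbox-reported behaviours in a process-monitor style event stream.

Added example, not part of the original report. The event schema and the
sample events below are constructed; the IP-lookup host list is an assumption.
"""
import re
from collections import defaultdict

# Registry locations behind three of the report's signatures (standard Windows paths).
REG_RULES = {
    "Checks computer location settings":
        re.compile(r"\\Control Panel\\International(\\|$)", re.I),
    "Checks installed software on the system":
        re.compile(r"\\CurrentVersion\\Uninstall(\\|$)", re.I),
    "Accesses Microsoft Outlook profiles":
        re.compile(r"\\Outlook\\Profiles(\\|$)|\\Windows Messaging Subsystem\\Profiles(\\|$)", re.I),
}
# On-disk browser profile stores (Chromium "User Data" tree, Firefox "Profiles" tree).
FILE_READ_RULES = {
    "Reads user/profile data of web browsers":
        re.compile(r"\\(Google\\Chrome|Microsoft\\Edge)\\User Data\\|\\Mozilla\\Firefox\\Profiles\\", re.I),
}
REGISTRY_OPS = {"RegOpenKey", "RegQueryValue", "RegEnumKey"}
# Public IP-lookup services often contacted by stealers (assumed list, extend as needed).
IP_LOOKUP_HOSTS = {"api.ipify.org", "ipinfo.io", "icanhazip.com", "ifconfig.me", "api.myip.com"}


def triage(events):
    """Return {signature name: [(pid, evidence), ...]} for the behaviours seen in `events`."""
    hits = defaultdict(list)
    dropped = set()  # lower-cased paths of executables written by any monitored process
    for ev in events:
        op = ev["op"]
        if op in REGISTRY_OPS:
            for name, rx in REG_RULES.items():
                if rx.search(ev["path"]):
                    hits[name].append((ev["pid"], ev["path"]))
        elif op == "CreateFile":
            path = ev["path"]
            if ev["access"] == "Write" and path.lower().endswith(".exe"):
                dropped.add(path.lower())  # remember the drop; execution is flagged later
            elif ev["access"] == "Read":
                for name, rx in FILE_READ_RULES.items():
                    if rx.search(path):
                        hits[name].append((ev["pid"], path))
        elif op == "ProcessCreate":
            # "Executes dropped EXE" requires the write to precede the launch.
            if ev["image"].lower() in dropped:
                hits["Executes dropped EXE"].append((ev["pid"], ev["image"]))
        elif op == "DnsQuery":
            if ev["host"].lower() in IP_LOOKUP_HOSTS:
                hits["Looks up external IP address via web service"].append((ev["pid"], ev["host"]))
    return dict(hits)


# Constructed event stream: the submitted sample (pid 1200) drops and runs a second
# stage (pid 1340) which then harvests data. Two benign events are included as controls.
SAMPLE_EVENTS = [
    {"op": "ProcessCreate", "pid": 1200, "ppid": 800, "image": r"C:\Users\victim\Desktop\sample.exe"},
    {"op": "RegQueryValue", "pid": 1200, "path": r"HKCU\Control Panel\International\Geo\Nation"},
    {"op": "RegEnumKey", "pid": 1200, "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"op": "RegOpenKey", "pid": 1200, "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"},  # benign
    {"op": "CreateFile", "pid": 1200, "path": r"C:\Users\victim\AppData\Local\Temp\svc.exe", "access": "Write"},
    {"op": "ProcessCreate", "pid": 1340, "ppid": 1200, "image": r"C:\Users\victim\AppData\Local\Temp\svc.exe"},
    {"op": "CreateFile", "pid": 1340, "access": "Read",
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"op": "CreateFile", "pid": 1340, "access": "Read",
     "path": r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\x1y2.default\logins.json"},
    {"op": "RegOpenKey", "pid": 1340, "path": r"HKCU\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook"},
    {"op": "DnsQuery", "pid": 1340, "host": "api.ipify.org"},
    {"op": "DnsQuery", "pid": 1340, "host": "www.microsoft.com"},  # benign
]


def report(events):
    """Human-readable summary, one line per signature, in the order first observed."""
    return [f"{name}: {len(ev)} event(s), pids {sorted({p for p, _ in ev})}"
            for name, ev in triage(events).items()]


if __name__ == "__main__":
    print("\n".join(report(SAMPLE_EVENTS)))
```

The process-create check deliberately depends on event order: a launch of a path that was written earlier in the same trace is what distinguishes "executes dropped EXE" from running any executable out of a temp directory. The two control events (a Run-key open and a query for www.microsoft.com) are there to show that the rules match specific locations and hosts rather than registry or DNS activity in general.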

MITRE ATT&CK Enterprise v15

Tasks