Overview

overview

7

Static

static

7

964a5d85cf...c3.exe

windows7-x64

7

964a5d85cf...c3.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    964a5d85cf4f828d55af1e46d6aae1c3

  • Size

    317KB

  • Sample

    240212-fgca4sbe5t

  • MD5

    964a5d85cf4f828d55af1e46d6aae1c3

  • SHA1

    029ea1d2fdf534647327815779deea5f1d30e1ac

  • SHA256

    127b415fc330723c575de204eb1ca404613651ae55599ee5258be31350ef094c

  • SHA512

    b244d506de55e3a4711784091cec43822ce725c5c4f8e4c27d4a612944b8c0cdc09dbe6e12ebc6663148812bf9d8b7e39f366cd42a3fba1a1e23d657822972a1

  • SSDEEP

    6144:hGtsYRtuVfK8GQoF4X6fw9Fo6ReuTNkdJlHkDpzCbAf4TFvTJrvRmAr:hRVfKtQogu4FXReuTyPlHkDFpgJdrvIC

Score
7/10
persistencespywarestealerupx

Malware Config

Targets

    • Target

      964a5d85cf4f828d55af1e46d6aae1c3

    • Size

      317KB

    • MD5

      964a5d85cf4f828d55af1e46d6aae1c3

    • SHA1

      029ea1d2fdf534647327815779deea5f1d30e1ac

    • SHA256

      127b415fc330723c575de204eb1ca404613651ae55599ee5258be31350ef094c

    • SHA512

      b244d506de55e3a4711784091cec43822ce725c5c4f8e4c27d4a612944b8c0cdc09dbe6e12ebc6663148812bf9d8b7e39f366cd42a3fba1a1e23d657822972a1

    • SSDEEP

      6144:hGtsYRtuVfK8GQoF4X6fw9Fo6ReuTNkdJlHkDpzCbAf4TFvTJrvRmAr:hRVfKtQogu4FXReuTyPlHkDFpgJdrvIC

    Score
    7/10
    persistencespywarestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks