General

  • Target

    a06bb29952757ab89bb22e7ad7ec0f6e

  • Size

    389KB

  • Sample

    240221-ydydaaec6y

  • MD5

    a06bb29952757ab89bb22e7ad7ec0f6e

  • SHA1

    f531ad38737cd2b92452595d3937c640eee02144

  • SHA256

    751921f0f6a5d789ae6437b9b53d78eddc04dfe1323cdd95bd9b5364c49d9311

  • SHA512

    75405d1d19b02dc895be7afe7b5b65ec87711dceecdd2d8d9c9dc39f2d44621f79edeaf50a73ed7cfc18bf89a48f9795f3acb493a852424685fd6374083648b3

  • SSDEEP

    6144:hBk/Zml2Rxs3NBBUKs7HCC1Nbw0Z8ddzyzC/shoX1I1fxTADds4pK97Z:hBai9BKKQt9udIz9h26xTsdq7Z

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks