General

  • Target

    triage-test.exe

  • Size

    16.1MB

  • Sample

    240225-qzxd4sch46

  • MD5

    f724ee61e68260ae260f1f7efe7a5b49

  • SHA1

    e9497fe524b6c6ba3953d9ed7a2286e61c0c0b7e

  • SHA256

    0adcc23bb223f7205ff2b3a79e1d9d3448be1b4ce738ab672b0068f6567f8b2f

  • SHA512

    f12950f5c6ea23b1a7c55d546fa9008dc35688606722a6338a828cb557325ebc3163da27482810dffe68426d0b2aef08054caf22da749f599595cb7269503585

  • SSDEEP

    393216:SWvz+XOVz+lICtL+9qzTfgD7fEUyIP3Y/m66WCD6:zz+XOx3A+9q/fq7fEbIPTVD6

Targets

    • Score

      7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
