Overview

overview

7

Static

static

7

ac536ae5bd...56.exe

windows7-x64

7

ac536ae5bd...56.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    ac536ae5bdb8251b955aa6d346548256

  • Size

    214KB

  • Sample

    240228-tw9f2sgb35

  • MD5

    ac536ae5bdb8251b955aa6d346548256

  • SHA1

    2b30c7f1d6b2aa6c6b185d9278bdf93c9004a1e9

  • SHA256

    bcddf7c8f95107f63e548deda1423432b826aa7d801571a693569991a43b291c

  • SHA512

    1c87faf3d79e0a65890117f2bac0152fb0c9ddafe376a2b1e5e2a7bd14495f676875cb9ef8122a4f98882616227e4dd6426e54237d79511898a76b6b58a0cb59

  • SSDEEP

    3072:6NLDAMlHHiUD0X35URUtXmTxvZ/+oTRw5azHdGSA41pUCf/6cVA9aqfcxqpxNmmY:6/lHCnzIvZGoTnzHRpvfatT1K

Score
7/10
persistencespywarestealerupx

Malware Config

Targets

    • Target

      ac536ae5bdb8251b955aa6d346548256

    • Size

      214KB

    • MD5

      ac536ae5bdb8251b955aa6d346548256

    • SHA1

      2b30c7f1d6b2aa6c6b185d9278bdf93c9004a1e9

    • SHA256

      bcddf7c8f95107f63e548deda1423432b826aa7d801571a693569991a43b291c

    • SHA512

      1c87faf3d79e0a65890117f2bac0152fb0c9ddafe376a2b1e5e2a7bd14495f676875cb9ef8122a4f98882616227e4dd6426e54237d79511898a76b6b58a0cb59

    • SSDEEP

      3072:6NLDAMlHHiUD0X35URUtXmTxvZ/+oTRw5azHdGSA41pUCf/6cVA9aqfcxqpxNmmY:6/lHCnzIvZGoTnzHRpvfatT1K

    Score
    7/10
    persistencespywarestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks