Overview

overview

7

Static

static

3

501.exe

windows7-x64

7

501.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    501.bin.zip

  • Size

    707KB

  • Sample

    240303-laqstagh23

  • MD5

    6ffeebd350e0d2354db5c30f1ba4b56b

  • SHA1

    b900f3c80301f9637b39895b3772f9c67c4894bc

  • SHA256

    208c3b502eb2e3031fa0714a393dbdc719437e8568f9c97c9d7d8a898fe8de5e

  • SHA512

    e9fb895cbc5dfd73ebcab426cec8de741188b7e1bd9b7dd661d011446245d5fc34885956dcd95aa7f97575a1a8d67bfe91c46903fdded462359e9539624549f1

  • SSDEEP

    12288:75r3dyNSzo0jw16q1AL0cFG3iKrMjAZk39Q3ftW/fjWWWjQUglPeGnXd0:FrzpU166AL0cM3iKlqO3yCWWbglx2

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      501.bin

    • Size

      753KB

    • MD5

      0fda14f19aaa5c3b6da87889f0b234a6

    • SHA1

      faa316c4456548e42d7368a1ef3ae1f3c173b34b

    • SHA256

      17fb5605ee9c8c5d524dbdea215e32e714827f325af0361d4ced39e6fa554859

    • SHA512

      7fe261ae95c325065bbfd4d32a22d16d5f8f31a5efd9b73b0806fb34f2626f1a68c7a4fb6fc9d08b35060c0a41e675d87f4effa8fa130d6291d88ace0ebc3574

    • SSDEEP

      12288:m+y5IWuWAIe40BcQxs1pMi3oMc1LM/IWuWAIe40BcQxs1pMi3oMc1LMy:mlSfrID0rxs1pMQBsfrID0rxs1pMQBO

    Score
    7/10
    spywarestealer

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks