General

  • Target

    b61608def970c6c905eaed96e5befa4c

  • Size

    6.3MB

  • Sample

    240306-a48pyaeb7s

  • MD5

    b61608def970c6c905eaed96e5befa4c

  • SHA1

    a470e2c2146682809a9086693f21bc640aca927f

  • SHA256

    b55bb75f4ae13e406ab037acadb052ae10eee4d79920728a66217b819b4b35e3

  • SHA512

    000f218a71ce0b0a7f8c182c62adc68fbd36f980ca9fd4eebb691da4b4492dc8e255e5525139f22dc178a2c158cfc745cb6f342bb0e7dc5d0813768d5d34b434

  • SSDEEP

    49152:Kss1TS46XTJnOLjc9IW1dXgfC/MHmgqhbuRKwpB8Uv3eZqhaK6zbfqdlbZqhaK6k:yAyc9IW1dXgfC/MHmgqHNjxmx

Targets

    • Target

      b61608def970c6c905eaed96e5befa4c

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
