General

  • Target

    file_release3.rar

  • Size

    17.1MB

  • Sample

    240306-mqrwgshb2v

  • MD5

    e76238f92fc7f695597b3c10422f6e3a

  • SHA1

    cc9191497835c5ed4414d607f8addb15cb20e560

  • SHA256

    3dcc8c5e9717d6bbfa0d90b444ee27bbd688e3b406990fc7c5ee9dcdf1fe5feb

  • SHA512

    8003165eb9a6cf356fe09f8e8d6e130527baa0423e3d4da99cae279b89acb61882d4e6ce6c8bc16937166db9a4c279a4fa4ef7d8d76e3c6ee779d1655aff0665

  • SSDEEP

    393216:YhzDz1G4AS3g2S8XwXs8Esssv4OEEiz14uyEKA5443ZniYlgLsyK:YhzDzJ3kvStEE1zyEKA5F3ZILsyK

Score
8/10

Malware Config

Targets

    • Target

      file_release3.rar

    • Size

      17.1MB

    • MD5

      e76238f92fc7f695597b3c10422f6e3a

    • SHA1

      cc9191497835c5ed4414d607f8addb15cb20e560

    • SHA256

      3dcc8c5e9717d6bbfa0d90b444ee27bbd688e3b406990fc7c5ee9dcdf1fe5feb

    • SHA512

      8003165eb9a6cf356fe09f8e8d6e130527baa0423e3d4da99cae279b89acb61882d4e6ce6c8bc16937166db9a4c279a4fa4ef7d8d76e3c6ee779d1655aff0665

    • SSDEEP

      393216:YhzDz1G4AS3g2S8XwXs8Esssv4OEEiz14uyEKA5443ZniYlgLsyK:YhzDzJ3kvStEE1zyEKA5F3ZILsyK

    Score
    8/10

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory
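
    The five behavioural indicators above are the kind of signals a detection engineer would want to re-derive from host telemetry outside the sandbox. The following Python script is an added example, not part of this sandbox report and not the sandbox's own scoring logic: it runs simple detection rules for those five behaviours over constructed Sysmon-style events. The IP-lookup hostnames, the browser profile paths and every event in the trace (including the 203.0.113.10 documentation-range address) are assumptions or constructed data, since the report names none of them.

```python
"""Re-derive the report's behavioural indicators from constructed host telemetry.

Added example, not part of the sandbox report. The events below are constructed
Sysmon-style records, not data from the analysed RAR; the IP-lookup hostnames
and browser profile paths are assumptions, since the report names none.
"""
from collections import defaultdict
from typing import Dict, Iterable, List

# Assumed public IP-lookup services (the report does not name the one used).
IP_LOOKUP_HOSTS = {"api.ipify.org", "ifconfig.me", "icanhazip.com", "ipinfo.io"}

# Profile directories and files where Chromium- and Firefox-based browsers keep
# saved credentials and cookies (assumed set, lower-cased for matching).
BROWSER_PROFILE_DIRS = (
    "\\google\\chrome\\user data\\",
    "\\microsoft\\edge\\user data\\",
    "\\mozilla\\firefox\\profiles\\",
)
BROWSER_DATA_FILES = {"login data", "cookies", "web data", "logins.json", "key4.db", "cookies.sqlite"}

SYSTEM32 = "c:\\windows\\system32\\"
MZ = b"MZ"  # DOS header magic that every PE file starts with


def detect(events: Iterable[dict]) -> Dict[str, List[str]]:
    """Map each fired indicator name to the evidence (URLs, paths, hosts) behind it.

    Event shapes (all constructed for this example):
      {"type": "http_response",  "url": str,   "body_head": bytes}
      {"type": "file_create",    "path": str,  "head": bytes}
      {"type": "process_create", "image": str}
      {"type": "file_read",      "path": str}
      {"type": "dns_query",      "query": str}
    """
    hits: Dict[str, List[str]] = defaultdict(list)
    dropped: set = set()  # lower-cased paths the sample itself has written

    for ev in events:
        kind = ev["type"]
        if kind == "http_response" and ev["body_head"].startswith(MZ):
            hits["Downloads MZ/PE file"].append(ev["url"])
        elif kind == "file_create":
            path = ev["path"].lower()
            dropped.add(path)
            if path.startswith(SYSTEM32):
                hits["Drops file in System32 directory"].append(ev["path"])
        elif kind == "process_create":
            # An image the sample wrote earlier and now launches is a dropped EXE.
            if ev["image"].lower() in dropped:
                hits["Executes dropped EXE"].append(ev["image"])
        elif kind == "file_read":
            path = ev["path"].lower()
            name = path.rsplit("\\", 1)[-1]
            if name in BROWSER_DATA_FILES and any(d in path for d in BROWSER_PROFILE_DIRS):
                hits["Reads user/profile data of web browsers"].append(ev["path"])
        elif kind == "dns_query":
            if ev["query"].lower().rstrip(".") in IP_LOOKUP_HOSTS:
                hits["Looks up external IP address via web service"].append(ev["query"])
    return dict(hits)


# Constructed trace: a dropper fetches a PE over HTTP, writes and runs it, the
# payload reads Chrome credentials, asks a lookup service for the public IP and
# writes under System32. Two benign events are included to show they do not fire.
SAMPLE_EVENTS = [
    {"type": "http_response", "url": "http://203.0.113.10/update.bin", "body_head": b"MZ\x90\x00\x03\x00"},
    {"type": "file_create", "path": r"C:\Users\victim\AppData\Local\Temp\update.exe", "head": b"MZ\x90\x00\x03\x00"},
    {"type": "process_create", "image": r"C:\Users\victim\AppData\Local\Temp\update.exe"},
    {"type": "file_read", "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "dns_query", "query": "api.ipify.org"},
    {"type": "file_create", "path": r"C:\Windows\System32\drivers\etc\hosts", "head": b"# Copyright"},
    {"type": "file_read", "path": r"C:\Users\victim\Documents\notes.txt"},
    {"type": "dns_query", "query": "www.microsoft.com"},
]


if __name__ == "__main__":
    for name, evidence in detect(SAMPLE_EVENTS).items():
        print(f"{name}: {', '.join(evidence)}")
```

    The rules are deliberately narrow: "Executes dropped EXE" only fires for an image the same trace shows being written, and the browser rule requires both a profile directory and a known credential or cookie file name, so ordinary document reads and DNS lookups in the trace produce no hits.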

MITRE ATT&CK Enterprise v15

Tasks