Resubmissions

  • 11/03/2024, 23:36  240311-3lw8eahf7t  7

  • 11/03/2024, 23:36  240311-3lh1sahf6v  7

  • 11/03/2024, 23:34  240311-3kl12shf3t  7

General

  • Target

    fortineclean.bat

  • Size

    543KB

  • Sample

    240311-3kl12shf3t

  • MD5

    185d2575247438cf27991553ecbcf157

  • SHA1

    713ae5334bfa5711a89d1b81d4cd0c8290a8eb3d

  • SHA256

    21117547af4bb7d37a7f5f1d3f15c96535182329c535f46f0a66d2819dfb0dda

  • SHA512

    fee7d452edee1d3c3080473ce09e7a80d0663d83af6a0af69090d6f16a5223cb0164f7bb7c9cacaf632c6b2ab7d42825c554666e55ddfa09783d2a81984ba946

  • SSDEEP

    1536:osq0dLLLlL7LBL7vXgjIGHSh7DZQLwUDOmE8i/0fj8l9q0dLLLlL7LBL7vXgjcUQ:aRcUFivZ7jvzYx8+9oNQ0OL+

Score
7/10

Malware Config

Targets

    • Target

      fortineclean.bat

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks