Overview

overview

7

Static

static

3

0439a8f794...2a.exe

windows7-x64

7

0439a8f794...2a.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0439a8f794f2ee43af967123ff16b8856a091c30aa1ed3f8133816eea8bdd92a

  • Size

    3.6MB

  • Sample

    240312-vtwylsge63

  • MD5

    7dc765aee33668979f13ed81013203f4

  • SHA1

    c2f41aa6288aa1fcc1a46b9b85265ebd57de0ea8

  • SHA256

    0439a8f794f2ee43af967123ff16b8856a091c30aa1ed3f8133816eea8bdd92a

  • SHA512

    d50769b9d892046aed78c14e22d62cf5aeb82868165fb6f7c0a367bf2b7c2bb02b7a35a624f283a3116710cffaaae42defe146734f1b2ba5d08be89741a3fa34

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBKB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUppbVz8eLFcz

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      0439a8f794f2ee43af967123ff16b8856a091c30aa1ed3f8133816eea8bdd92a

    • Size

      3.6MB

    • MD5

      7dc765aee33668979f13ed81013203f4

    • SHA1

      c2f41aa6288aa1fcc1a46b9b85265ebd57de0ea8

    • SHA256

      0439a8f794f2ee43af967123ff16b8856a091c30aa1ed3f8133816eea8bdd92a

    • SHA512

      d50769b9d892046aed78c14e22d62cf5aeb82868165fb6f7c0a367bf2b7c2bb02b7a35a624f283a3116710cffaaae42defe146734f1b2ba5d08be89741a3fa34

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBKB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUppbVz8eLFcz

    Score
    7/10
    persistencespywarestealer

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks