Overview

overview

10

Static

static

3

ca43e84804...48.exe

windows7-x64

10

ca43e84804...48.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    ca43e84804afc3aa10fcb9d8031fbe48

  • Size

    166KB

  • Sample

    240315-c3b1page67

  • MD5

    ca43e84804afc3aa10fcb9d8031fbe48

  • SHA1

    bae95788126a210d7154e6594cd5dab4de8ffc06

  • SHA256

    7e939ae8473173dee703448b707f0b06c40d441511f661a588f454e977c86278

  • SHA512

    e905b72e49be1573179905ce83c69efc0bfea87d581b21c076cd28544dd7a7e9624d8567e7a8216f7ec7994ab23cc29bd68d5a81673588cc5c97a12eda203775

  • SSDEEP

    3072:U029Fq4TKOdKNAd7HJNEJ0rE083A6VbUP+8Fry6mFx29L78VoXSK:U02qqHoK7nE+rw37VAy6mK78VoXSK

Score
10/10
persistencespywarestealerupx

Malware Config

Targets

    • Target

      ca43e84804afc3aa10fcb9d8031fbe48

    • Size

      166KB

    • MD5

      ca43e84804afc3aa10fcb9d8031fbe48

    • SHA1

      bae95788126a210d7154e6594cd5dab4de8ffc06

    • SHA256

      7e939ae8473173dee703448b707f0b06c40d441511f661a588f454e977c86278

    • SHA512

      e905b72e49be1573179905ce83c69efc0bfea87d581b21c076cd28544dd7a7e9624d8567e7a8216f7ec7994ab23cc29bd68d5a81673588cc5c97a12eda203775

    • SSDEEP

      3072:U029Fq4TKOdKNAd7HJNEJ0rE083A6VbUP+8Fry6mFx29L78VoXSK:U02qqHoK7nE+rw37VAy6mK78VoXSK

    Score
    10/10
    persistencespywarestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks