Overview

overview

7

Static

static

7

e1a9f772e7...3c.exe

windows7-x64

7

e1a9f772e7...3c.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e1a9f772e7f4700c0bf6488ff027433c

  • Size

    116KB

  • Sample

    240327-pl9xlsfb41

  • MD5

    e1a9f772e7f4700c0bf6488ff027433c

  • SHA1

    5cd03cac6334952ba5091fe4f882f0e0a62ca625

  • SHA256

    12fb31b55c541639df31fb586588b8d30a6c8a0deeaa9020739c9f6598a875dd

  • SHA512

    18177634bf9719fc27f8d7498979a013f7dc2d19022b7cecf1a7fcefa4a560ad7f6d40af46119c1c3d5f1094cdae395dc132de422784f54cf3625b3a2bb34899

  • SSDEEP

    3072:SKcWmjRrz3N5vEGkrIwaLtqitghXhxpWOH6nJKkBLZ2:hGbw5wtqM+VCJKkBd2

Score
7/10
persistencespywarestealerupx

Malware Config

Targets

    • Target

      e1a9f772e7f4700c0bf6488ff027433c

    • Size

      116KB

    • MD5

      e1a9f772e7f4700c0bf6488ff027433c

    • SHA1

      5cd03cac6334952ba5091fe4f882f0e0a62ca625

    • SHA256

      12fb31b55c541639df31fb586588b8d30a6c8a0deeaa9020739c9f6598a875dd

    • SHA512

      18177634bf9719fc27f8d7498979a013f7dc2d19022b7cecf1a7fcefa4a560ad7f6d40af46119c1c3d5f1094cdae395dc132de422784f54cf3625b3a2bb34899

    • SSDEEP

      3072:SKcWmjRrz3N5vEGkrIwaLtqitghXhxpWOH6nJKkBLZ2:hGbw5wtqM+VCJKkBd2

    Score
    7/10
    persistencespywarestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks