General

  • Target

    Pula.exe

  • Size

    78.8MB

  • Sample

    240409-p4rhzsag2s

  • MD5

    53458e2a187893eaa044f844f6eee37e

  • SHA1

    88f0c73f35f643bbcccd4985aca4968450bb0bfe

  • SHA256

    024461fa504f68de65ff6c711276c8878005cb2308f2fee2ec5e25ddf8492e47

  • SHA512

    fe7812487045b3047287d392ca8136bb5acc2c789ca5321d0f41af2fca359c2061dbe0406f5f002c3ed69a88bf41b83fcd9192c84cbd93ca9143301ad5e7a91c

  • SSDEEP

    1572864:ZW6LBYtFAt3xz8aqYQxw50ZHBFdNYZvpXm6IKEe:Z9ugt3xz8dRxnzFC3IKE

Targets

    • Target

      Pula.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
