General

  • Target

    b82796bc21326da2d4b9ec7712a15166

  • Size

    320KB

  • Sample

    240409-y2fhdada21

  • MD5

    b82796bc21326da2d4b9ec7712a15166

  • SHA1

    f89001b7e95385df5967d9ca701bc96ea1a41acd

  • SHA256

    592cefcfd6b90d2353afd639b303fe022590ae2c2821e2e44134fe62a09caaa6

  • SHA512

    1d7d099f318ef5ef4de980098996b28fa20f2fdd7af04f7893c638701f0bc6dde0edf897086918ca086b040731ae14a803627d58d0614ec6e3d95f24d6d75a66

  • SSDEEP

    6144:aDOxZXrSHXUTsIDAikYOvAYx/fVCF3MvDcO5uGnGcQWfUv3O1LraRjJDH:lXa8sIDAnYOVxVCF8vB8GlQMSsLrWDH

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence: malware commonly uses this check to avoid running on machines in certain countries.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data, which can include saved credentials, cookies and autofill data.

    • Adds Run key to start application

      Writes a value under a registry Run key so the application is launched again at each logon (registry run-key persistence).

    • Enumerates connected drives

      Attempts to read the root directory of drives other than the system C: drive.

    • Drops file in System32 directory

      Writes a file into the Windows System32 directory, which normally requires administrative privileges.
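
The five behaviours above are the kind of thing a SOC turns into host-triage rules. The script below is an added example written for this page, not code from the sandbox or from the sample; it runs the rules over a constructed API-style trace (invented events, not the sandbox's own log). The registry values it watches for the country-code lookup (`Control Panel\International\sCountry`, `iCountry`, `LocaleName`, `Geo\Nation`) and the browser files it treats as profile data are assumptions, since the report does not name which key or file the sample touched. One caveat the rules encode: Sysmon records registry value sets (Event ID 13) and file creates (Event ID 11) but has no event for registry reads or file opens, so the three read-based behaviours (country code, browser data, drive roots) need a sandbox API trace or EDR telemetry rather than Sysmon alone.

```python
import re
from collections import defaultdict

# Detection rules keyed by the behaviour names used in the report above.
# Each rule is (event kinds it applies to, regex over the event's target).
# Registry paths and browser file names are assumptions for this example.
RULES = {
    "Checks computer location settings": (
        {"regquery"},  # a read: not visible in Sysmon, needs API trace / EDR
        re.compile(r"\\Control Panel\\International\\(iCountry|sCountry|LocaleName|Geo\\Nation)$", re.I),
    ),
    "Reads user/profile data of web browsers": (
        {"fileopen"},  # a read: not visible in Sysmon, needs API trace / EDR
        re.compile(r"\\(Google\\Chrome|Microsoft\\Edge|Mozilla\\Firefox)\\.*(Login Data|Cookies|Web Data|logins\.json|key4\.db)$", re.I),
    ),
    "Adds Run key to start application": (
        {"regset"},  # Sysmon Event ID 13 (registry value set)
        re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I),
    ),
    "Enumerates connected drives": (
        {"fileopen"},  # a read: not visible in Sysmon, needs API trace / EDR
        re.compile(r"^[A-BD-Z]:\\$", re.I),  # any root directory other than C:\
    ),
    "Drops file in System32 directory": (
        {"filecreate"},  # Sysmon Event ID 11 (file create)
        re.compile(r"^[A-Z]:\\Windows\\System32\\", re.I),
    ),
}


def classify(event):
    """Return the behaviour names a single event matches (possibly none)."""
    return [name for name, (kinds, pattern) in RULES.items()
            if event["type"] in kinds and pattern.search(event["target"])]


def triage(events):
    """Aggregate matched behaviours per process image and attach a verdict.

    The verdict is deliberately crude: three or more of the listed behaviours
    from one image is the stealer-plus-persistence shape this report shows.
    """
    per_image = defaultdict(set)
    for ev in events:
        per_image[ev["image"]].update(classify(ev))
    return {
        image: {
            "behaviours": sorted(names),
            "verdict": "suspicious" if len(names) >= 3 else "benign-looking",
        }
        for image, names in per_image.items()
    }


# Constructed trace (not from the sandbox run): one process showing every
# listed behaviour, plus a benign process touching unrelated locations.
SAMPLE = r"C:\Users\bob\Downloads\sample.exe"
EXPLORER = r"C:\Windows\explorer.exe"
SAMPLE_EVENTS = [
    {"image": SAMPLE, "type": "regquery",
     "target": r"HKCU\Control Panel\International\sCountry"},
    {"image": SAMPLE, "type": "fileopen",
     "target": r"C:\Users\bob\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"image": SAMPLE, "type": "regset",
     "target": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"},
    {"image": SAMPLE, "type": "fileopen", "target": "D:\\"},
    {"image": SAMPLE, "type": "filecreate",
     "target": r"C:\Windows\System32\updsvc.dll"},
    {"image": EXPLORER, "type": "regquery",
     "target": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"},
    {"image": EXPLORER, "type": "fileopen", "target": "C:\\"},
]

if __name__ == "__main__":
    for image, result in triage(SAMPLE_EVENTS).items():
        print(f"{image}: {result['verdict']}")
        for name in result["behaviours"]:
            print(f"    - {name}")
```

The rule for the Run key only fires on a value being set, not on a process merely reading the key, which keeps ordinary software that enumerates its own autostart entries out of the hits; the same distinction is why the read-only behaviours need a richer event source than Sysmon.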
