General

  • Target

    a8af728b77609203164f60bdbe45e04d

  • Size

    288KB

  • Sample

    240409-yx8clahc75

  • MD5

    a8af728b77609203164f60bdbe45e04d

  • SHA1

    8ac865d740a48e44bca7e68c3ac16d7599472606

  • SHA256

    b382bb921c8100f87f3aecbc2340c84f51242d56b2571830e22b0ee24c0749c4

  • SHA512

    d2a92d306161bd66067f1c5ee6f64b2d99dbb2cb58ab99b79794c561124d967c096cf8fabee8eb2c8c6fdd908e3cf4d36c2c76d81484e9877fd6201839e8d089

  • SSDEEP

    6144:9rTfUHeeSKOS9ccFKk3Y9t9YuGoaAi7wGfO94:9n8yN0Mr8SaAFG/

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks