Overview

overview

10

Static

static

1

9fbeb629ea...0f.exe

windows7-x64

10

9fbeb629ea...0f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9fbeb629ea0dc72ac8db680855984d51b28c1195e48abff2e68b0228f49d5b0f

  • Size

    2.5MB

  • Sample

    240410-p8nynage87

  • MD5

    65792e4d02f910d20dcf74487cb9fab1

  • SHA1

    942337f3ea28f553b47dc05726bb062befe09fef

  • SHA256

    9fbeb629ea0dc72ac8db680855984d51b28c1195e48abff2e68b0228f49d5b0f

  • SHA512

    14f2bc63e7c59a9988426f71905066596d15def0f1238b6acac1aa45367ca896bfcfd24e984fffcf8ba4cd36130da6c67530a876992b7e80c1591df4cf25fd9e

  • SSDEEP

    49152:k1pt5y4+ehRpj3bQxZI9SoesOCpnROKcQtngNbawIVbf8Amz2FNaZU6NVX:k9M7ERF3bcZipROTMngNVKr02v2t

Score
10/10
outsteelevasionspywarestealertrojan

Malware Config

Targets

    • Target

      9fbeb629ea0dc72ac8db680855984d51b28c1195e48abff2e68b0228f49d5b0f

    • Size

      2.5MB

    • MD5

      65792e4d02f910d20dcf74487cb9fab1

    • SHA1

      942337f3ea28f553b47dc05726bb062befe09fef

    • SHA256

      9fbeb629ea0dc72ac8db680855984d51b28c1195e48abff2e68b0228f49d5b0f

    • SHA512

      14f2bc63e7c59a9988426f71905066596d15def0f1238b6acac1aa45367ca896bfcfd24e984fffcf8ba4cd36130da6c67530a876992b7e80c1591df4cf25fd9e

    • SSDEEP

      49152:k1pt5y4+ehRpj3bQxZI9SoesOCpnROKcQtngNbawIVbf8Amz2FNaZU6NVX:k9M7ERF3bcZipROTMngNVKr02v2t

    Score
    10/10
    outsteelevasionspywarestealertrojan

    • OutSteel

      OutSteel is a file uploader and document stealer written in AutoIT.

      stealeroutsteel

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks whether UAC is enabled

      evasiontrojan

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks