0e52406d93b9c75927a111a214e8f2d95ce6ad0f3abc76a9a78b300c62edca65

User tags

Assigned on submission by the user, not by sandbox detections.

Threatview.io Proactive Hunter

Sharing

Copy URL

Twitter E-mail

General

Target

Setup.exe
Size

3.2MB
Sample

240415-cmj2csef6v
MD5

9882c553537d910ab52fa50aab24cfc2
SHA1

564c5cd422a279dfb999f8e4be062f4dc35733ba
SHA256

0e52406d93b9c75927a111a214e8f2d95ce6ad0f3abc76a9a78b300c62edca65
SHA512

402db33cf046c02961abb4ca4909650d5e148091daf4c83e8da89373911d7d45e5f95fbb48c9349bcf3b12b11a876bac92c203814be1df0c32b0cf1183ecb1ce
SSDEEP

98304:rBrIJukIjbMK3WlEmVGBuhZ0lEvAsIY3WRaAVzT+NYTSVyTBtmMg8k54eD62:RTmVGuH0lEVIY3WRaAd+NYmVyTBgMHk

Score

7^/10

Malware Config

Targets

- Target
  
  Setup.exe
- Size
  
  3.2MB
- MD5
  
  9882c553537d910ab52fa50aab24cfc2
- SHA1
  
  564c5cd422a279dfb999f8e4be062f4dc35733ba
- SHA256
  
  0e52406d93b9c75927a111a214e8f2d95ce6ad0f3abc76a9a78b300c62edca65
- SHA512
  
  402db33cf046c02961abb4ca4909650d5e148091daf4c83e8da89373911d7d45e5f95fbb48c9349bcf3b12b11a876bac92c203814be1df0c32b0cf1183ecb1ce
- SSDEEP
  
  98304:rBrIJukIjbMK3WlEmVGBuhZ0lEvAsIY3WRaAVzT+NYTSVyTBtmMg8k54eD62:RTmVGuH0lEVIY3WRaAd+NYmVyTBgMHk
Score

7^/10

collection discovery spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

Remote System Discovery

T1018

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Email Collection

T1114

Command and Control

Exfiltration

Impact

Tasks

User tags

Sharing

General

Malware Config

Targets

Checks computer location settings

Reads user/profile data of web browsers

Accesses Microsoft Outlook profiles

Checks installed software on the system

Looks up external IP address via web service

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2