General

  • Target

    6b5f0c014955ab4595fdb9ae4ac42711c2091a45e5187965a00bf7aad621ade4

  • Size

    3.6MB

  • Sample

    240420-22hjhscc48

  • MD5

    c2e13e5c8ce944a26ae0283f83643209

  • SHA1

    bd4b3aabcc644c6d0f071804c6c6bc0dbd6578de

  • SHA256

    6b5f0c014955ab4595fdb9ae4ac42711c2091a45e5187965a00bf7aad621ade4

  • SHA512

    b927035f5c3653ac01e1f5625db3b43936cf35d96801a95262b2df8409c84e996bddaf7df10333d2fc87ac97527834b9560ee721960b805b6e54b5d8f81bb251

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBjB/bSqz8:sxX7QnxrloE5dpUpgbVz8

Targets

    • Target

      6b5f0c014955ab4595fdb9ae4ac42711c2091a45e5187965a00bf7aad621ade4

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application
