Overview

overview

8

Static

static

1

installer(1).exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    installer(1).zip

  • Size

    23KB

  • Sample

    240421-pt9a2sbh7w

  • MD5

    6d4948cd1e1277802bd22c6672460895

  • SHA1

    0f6447a28d81bda6920f71165b2e28e338786a66

  • SHA256

    b8e5dfe0c33dff8809c2a21906842359260536969d9a747c31ffc0bc013eef2d

  • SHA512

    1bcb6926ab3c110fd115974d12c0880c9d805f627afa78095867890df94df69f061ef5d75372cf9a286442ff754236e6c5ab2a89a540177a36b53fb02b12904e

  • SSDEEP

    384:NZl6c4ImMzADj7dvkgfMQT90aSfqupABeiEiVnBU+Qdt9KVAWrx/s+D:V6imMcdvk1QasBHEIBsbGd/s+D

Score
8/10
spywarestealerupx

Malware Config

Targets

    • Target

      installer(1).exe

    • Size

      43KB

    • MD5

      d406ce5200488ab3fb725bbd16324864

    • SHA1

      f7f619307ec9b463abfc7ede001274d12cdc447e

    • SHA256

      28050c06cb9377a1f54773370b24723e0d2849b5b71899bed40b9da7837f2974

    • SHA512

      461822da36db093cae46ab3b1a5fa34617f9fb37bec97c38c33efd134c61df75fecc3192442005645c30c411d6e0eedff6d130c053d80ad557064df12c89a883

    • SSDEEP

      768:XIeRwUuo7jHzx2ET1RVfyCSUz2rx2ET1RVfyCSUzcA20I2BDWNAMxkEQp:1RTuCxH1RAO2rxH1RAOcAsCWFx6

    Score
    8/10
    spywarestealerupx

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks