General

  • Target

    09de68585d48089b04ea7d140e181076f2148519d334b3948ce9890cf85affb5

  • Size

    219KB

  • Sample

    240422-w85dzaee99

  • MD5

    83d81621ba2188a2ef1a1dcbecfa45ed

  • SHA1

    0decf1afcad51d8a84a16cd8355632a12f2c6bd9

  • SHA256

    09de68585d48089b04ea7d140e181076f2148519d334b3948ce9890cf85affb5

  • SHA512

    bd11363241329b281e3c45f1d6e0901540c11580419c48441fad166a60e192a7c1bd8e10ce1a5b5929b7d28ac83081112956546849f189929aa57ef53490141e

  • SSDEEP

    6144:dXC4vgmhbIxs3NBBuupr1chDVMjIuAy+aDNdDdXmS+v:dXCNi9BMuVu3MHAcNNdH+v

Malware Config

Targets

    • Detects executables containing possible sandbox analysis VM usernames

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks