General

  • Target

    9849a443ab04add4abf6e8fac64bdc29d87020e62e05bd4882a4563e12708454

  • Size

    3.6MB

  • Sample

    240423-bqf87sag62

  • MD5

    822e0929045659fec18d2507e62226e1

  • SHA1

    0b1695135143aecc1a30a11c297025f3999eaf44

  • SHA256

    9849a443ab04add4abf6e8fac64bdc29d87020e62e05bd4882a4563e12708454

  • SHA512

    8b08c32206275ab8ed08fcf168c3a73b1fafdf88a72c445dc3063077fd6c0084c6c46aeab3e605801cdd49a0e09209f6636c2b21540405f5d6442cde44d49cd2

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBlB/bSqz8:sxX7QnxrloE5dpUpKbVz8

Malware Config

Targets

    • Target

      9849a443ab04add4abf6e8fac64bdc29d87020e62e05bd4882a4563e12708454

    • Size

      3.6MB

    • MD5

      822e0929045659fec18d2507e62226e1

    • SHA1

      0b1695135143aecc1a30a11c297025f3999eaf44

    • SHA256

      9849a443ab04add4abf6e8fac64bdc29d87020e62e05bd4882a4563e12708454

    • SHA512

      8b08c32206275ab8ed08fcf168c3a73b1fafdf88a72c445dc3063077fd6c0084c6c46aeab3e605801cdd49a0e09209f6636c2b21540405f5d6442cde44d49cd2

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBlB/bSqz8:sxX7QnxrloE5dpUpKbVz8

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks