Overview

overview

8

Static

static

3

419021ab11...08.exe

windows7-x64

8

419021ab11...08.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    419021ab115f22443f653a5525311b2de88705c9c8728be71f939020cb87af08

  • Size

    491KB

  • Sample

    240427-mdwnxage52

  • MD5

    937058aa7d3283f3e81c577193a5fb80

  • SHA1

    44a3a4e5fa211889cde343209ed6a8c7c1ad6ba1

  • SHA256

    419021ab115f22443f653a5525311b2de88705c9c8728be71f939020cb87af08

  • SHA512

    43e2cefbe281a0b1ba8b910852cdb52709a0d91ddda3d9392e34b3d8a370cb8da9677880ea3ea939d20f376417f29cd53e7963c3dd45ef812aafdbb998a0687c

  • SSDEEP

    6144:Tf46tGdye41Uz1gL5pRTMTTjMkId/BynSx7dEe6XwzRaktNP08NhKs39zo43fTtT:L3Nb81gL5pRTcAkS/3hzN8qE43fm78V

Score
8/10
spywarestealer

Malware Config

Targets

    • Target

      419021ab115f22443f653a5525311b2de88705c9c8728be71f939020cb87af08

    • Size

      491KB

    • MD5

      937058aa7d3283f3e81c577193a5fb80

    • SHA1

      44a3a4e5fa211889cde343209ed6a8c7c1ad6ba1

    • SHA256

      419021ab115f22443f653a5525311b2de88705c9c8728be71f939020cb87af08

    • SHA512

      43e2cefbe281a0b1ba8b910852cdb52709a0d91ddda3d9392e34b3d8a370cb8da9677880ea3ea939d20f376417f29cd53e7963c3dd45ef812aafdbb998a0687c

    • SSDEEP

      6144:Tf46tGdye41Uz1gL5pRTMTTjMkId/BynSx7dEe6XwzRaktNP08NhKs39zo43fTtT:L3Nb81gL5pRTcAkS/3hzN8qE43fm78V

    Score
    8/10
    spywarestealer

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks