Overview

overview

7

Static

static

3

ea0bac73ae...86.dll

windows7-x64

7

ea0bac73ae...86.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ea0bac73ae00396f883e45c331384c90158eb78d119997d1c20b60a4242a0886

  • Size

    2.6MB

  • Sample

    240428-gz57kshg89

  • MD5

    6dafe76f03895036f94ef4723133df1d

  • SHA1

    fdcc12f45d4804f8ce5da10b77e92e047c955d2e

  • SHA256

    ea0bac73ae00396f883e45c331384c90158eb78d119997d1c20b60a4242a0886

  • SHA512

    4c07397fed0e03af46ae9bddcb6c3aa31548909e2f43176bbd00af3991b7f83bdd1a470d03b0597c137bdd864bd2d62ea9fb0c7d6c6c100863c7cf0ffbe1bcdb

  • SSDEEP

    49152:CVONBPiJrgyO+EShjwxsz9lVcWjSjhTSGIo8Y70trpzsyEuCnLsLVmG+:CVOuSTchj7h3cWm2trvn

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      ea0bac73ae00396f883e45c331384c90158eb78d119997d1c20b60a4242a0886

    • Size

      2.6MB

    • MD5

      6dafe76f03895036f94ef4723133df1d

    • SHA1

      fdcc12f45d4804f8ce5da10b77e92e047c955d2e

    • SHA256

      ea0bac73ae00396f883e45c331384c90158eb78d119997d1c20b60a4242a0886

    • SHA512

      4c07397fed0e03af46ae9bddcb6c3aa31548909e2f43176bbd00af3991b7f83bdd1a470d03b0597c137bdd864bd2d62ea9fb0c7d6c6c100863c7cf0ffbe1bcdb

    • SSDEEP

      49152:CVONBPiJrgyO+EShjwxsz9lVcWjSjhTSGIo8Y70trpzsyEuCnLsLVmG+:CVOuSTchj7h3cWm2trvn

    Score
    7/10
    spywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks