General

  • Target

    061fa38a504db1f7b86bd56ec72dcdcfac17694b50fe9534a5fd88a8ff9ef4bd

  • Size

    3.9MB

  • Sample

    240428-wy1m2adf83

  • MD5

    703590dd7ae6300d1aadb345cd7883b0

  • SHA1

    b80c8e3be1a93109ae98d61e8bb71e07d4af6f3f

  • SHA256

    061fa38a504db1f7b86bd56ec72dcdcfac17694b50fe9534a5fd88a8ff9ef4bd

  • SHA512

    b84bf5d98ed1aefe03785f236fd11d07be65152f71e3ecab6e4032c7519039d927b7a9b721c94e02c96bd5b1cd21b863456bfe7c40d2a64a54f9d393170b0696

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBYB/bSqz8:sxX7QnxrloE5dpUpzbVz8

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other data.

    • Adds Run key to start application
