Overview

overview

7

Static

static

3

fb670782d3...95.exe

windows7-x64

7

fb670782d3...95.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fb670782d347f863145ee1d10dfd9eccdd39f78c84aed7bc83bc472dd51a7e95

  • Size

    66KB

  • Sample

    240428-xx2dlsfb5z

  • MD5

    ec2be1c859f145dc7eef3dec024ffeb1

  • SHA1

    328464cb3ff5e1f33a099f6c1251293a794644df

  • SHA256

    fb670782d347f863145ee1d10dfd9eccdd39f78c84aed7bc83bc472dd51a7e95

  • SHA512

    2b4b0371c62a74ddcc0c7c5d0ea912c7ec954c965c7e358558bb3fe38f488f1301cac963e2a98f236ace3922241e3d8a43bd9c967ce3ef19ac4a3652cf77528f

  • SSDEEP

    1536:/qbSe+Zk78NR3dN5nPGawuzXv4exFRKnFUs:/3e+a+3dN5+awuzX+nFj

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      fb670782d347f863145ee1d10dfd9eccdd39f78c84aed7bc83bc472dd51a7e95

    • Size

      66KB

    • MD5

      ec2be1c859f145dc7eef3dec024ffeb1

    • SHA1

      328464cb3ff5e1f33a099f6c1251293a794644df

    • SHA256

      fb670782d347f863145ee1d10dfd9eccdd39f78c84aed7bc83bc472dd51a7e95

    • SHA512

      2b4b0371c62a74ddcc0c7c5d0ea912c7ec954c965c7e358558bb3fe38f488f1301cac963e2a98f236ace3922241e3d8a43bd9c967ce3ef19ac4a3652cf77528f

    • SSDEEP

      1536:/qbSe+Zk78NR3dN5nPGawuzXv4exFRKnFUs:/3e+a+3dN5+awuzX+nFj

    Score
    7/10
    spywarestealer

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks