General

  • Target

    29d17c04283b88133fcb373e38cf7bcfddf2e3ee3d20e48dd1fbb49801d82b02

  • Size

    3.9MB

  • Sample

    240503-ymeyasha27

  • MD5

    e227d29b4deb424f2d633928b9dbb8a1

  • SHA1

    20285e246c35bf425edfce43e1e0caebc2552723

  • SHA256

    29d17c04283b88133fcb373e38cf7bcfddf2e3ee3d20e48dd1fbb49801d82b02

  • SHA512

    74e4c4b23747a0e3cddc6af7fd4c1c77b34cb3618a480374599a01d05cbf3003293baee67d27886b777cadbd765f1e9270d6a4fe8ef2e3de814559be5fe0900a

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBoB/bSqz8:sxX7QnxrloE5dpUpDbVz8

Malware Config

Targets

    • Target

      29d17c04283b88133fcb373e38cf7bcfddf2e3ee3d20e48dd1fbb49801d82b02

    • Size

      3.9MB

    • MD5

      e227d29b4deb424f2d633928b9dbb8a1

    • SHA1

      20285e246c35bf425edfce43e1e0caebc2552723

    • SHA256

      29d17c04283b88133fcb373e38cf7bcfddf2e3ee3d20e48dd1fbb49801d82b02

    • SHA512

      74e4c4b23747a0e3cddc6af7fd4c1c77b34cb3618a480374599a01d05cbf3003293baee67d27886b777cadbd765f1e9270d6a4fe8ef2e3de814559be5fe0900a

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBoB/bSqz8:sxX7QnxrloE5dpUpDbVz8

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks