Overview

overview

7

Static

static

1

cul_gaym.exe

windows7-x64

7

cul_gaym.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cul_gaym.exe

  • Size

    1.3MB

  • Sample

    240505-ajma7sbd39

  • MD5

    509d4414f5f8d434b1d7e422d4f98e59

  • SHA1

    fa15be6c3ff354972b269811b240443c9fb46423

  • SHA256

    831d35aadd5ac64033574dee589c9a9f24f670f32ad63a40e33aa6ed4f4ac087

  • SHA512

    b3cbb5677a2b3ad99d5e9b2d629542c85245eda83d53e5e0adaa2b60e4ae4eaacc21a890d1c84c4167fa188273564e54006f59cc2457f83353ef6a91f048ced3

  • SSDEEP

    24576:HJvKqHgnhSC0badP0QiPYnSFELlFFx0A4cAhPSNfL1JD/tbOFmH:9KqAsadP0QiPzEz0AVISNT1JtMy

Score
7/10
discoverypersistencespywarestealer

Malware Config

Targets

    • Target

      cul_gaym.exe

    • Size

      1.3MB

    • MD5

      509d4414f5f8d434b1d7e422d4f98e59

    • SHA1

      fa15be6c3ff354972b269811b240443c9fb46423

    • SHA256

      831d35aadd5ac64033574dee589c9a9f24f670f32ad63a40e33aa6ed4f4ac087

    • SHA512

      b3cbb5677a2b3ad99d5e9b2d629542c85245eda83d53e5e0adaa2b60e4ae4eaacc21a890d1c84c4167fa188273564e54006f59cc2457f83353ef6a91f048ced3

    • SSDEEP

      24576:HJvKqHgnhSC0badP0QiPYnSFELlFFx0A4cAhPSNfL1JD/tbOFmH:9KqAsadP0QiPzEz0AVISNT1JtMy

    Score
    7/10
    discoverypersistencespywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Modifies Installed Components in the registry

      persistence

    • Sets file execution options in registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks