Overview

overview

10

Static

static

10

SecuriteIn...62.exe

windows7-x64

10

SecuriteIn...62.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Win32.PWSX-gen.29407.62.exe

  • Size

    120KB

  • Sample

    240507-mghlfseg45

  • MD5

    8c2736f5091792552be21809ae434207

  • SHA1

    4f413ffb059cc18c18d97ddea978be374f77e931

  • SHA256

    71b506b1fbf26cef2b28bed51237f1f15e2fa7984af2a563aeb35a1e3cc71d64

  • SHA512

    027abadc2e1245518639d79bbf1da167d2e7c203b29bc9bd0e715828386a18b77b9790abbedf1e3ad4e23494ec1eabe64de0e9349a91ddbebcfefcc9dc2d1a74

  • SSDEEP

    3072:wIm8e369TeB1PdLOGmrqnSILlNwz4UVSKW2yLW2w:wp3696nJmrODUVhgL+

Score
10/10
purelogstealerzgratcollectionratspywarestealer

Malware Config

Targets

    • Target

      SecuriteInfo.com.Win32.PWSX-gen.29407.62.exe

    • Size

      120KB

    • MD5

      8c2736f5091792552be21809ae434207

    • SHA1

      4f413ffb059cc18c18d97ddea978be374f77e931

    • SHA256

      71b506b1fbf26cef2b28bed51237f1f15e2fa7984af2a563aeb35a1e3cc71d64

    • SHA512

      027abadc2e1245518639d79bbf1da167d2e7c203b29bc9bd0e715828386a18b77b9790abbedf1e3ad4e23494ec1eabe64de0e9349a91ddbebcfefcc9dc2d1a74

    • SSDEEP

      3072:wIm8e369TeB1PdLOGmrqnSILlNwz4UVSKW2yLW2w:wp3696nJmrODUVhgL+

    Score
    10/10
    purelogstealerstealerzgratcollectionratspyware

    • Detect ZGRat V1

    • PureLog Stealer

      PureLog Stealer is an infostealer written in C#.

      stealerpurelogstealer

    • PureLog Stealer payload

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Drops startup file

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks