General

  • Target

    6bc9a9f88a34ba2bcfb26ed8645db8d1eb7a911b0091cf9beb8d3f30ffa3543a

  • Size

    2.7MB

  • Sample

    240522-2rt5kaca38

  • MD5

    679bd9d09f638d451ca73641e5544839

  • SHA1

    70018c405d497826a1a1ab6e31f87e83240a288f

  • SHA256

    6bc9a9f88a34ba2bcfb26ed8645db8d1eb7a911b0091cf9beb8d3f30ffa3543a

  • SHA512

    cfacaf648b1b1c732c0d3e9ce7edc41fbba6a04cef6be51c1adea52c89e1c335c1bfb7a59242e8b3d2800f1f3d3a5c371c6af299d6ab4cb6f4f2b6e5c2b146b8

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBWB/bSq:sxX7QnxrloE5dpUpxbV

Targets

    • Target

      6bc9a9f88a34ba2bcfb26ed8645db8d1eb7a911b0091cf9beb8d3f30ffa3543a

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Adds Run key to start application
