Overview

overview

7

Static

static

3

FA AntiVir...ch.exe

windows10-2004-x64

7

iubhnuerfw...hi.bat

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Hilf Mir.zip

  • Size

    7.0MB

  • Sample

    240528-stmzlabc86

  • MD5

    1aed54ff325392cb52b6a24acf1e3750

  • SHA1

    2718e191cb2625b93ef9ae03098a0894b860dd3d

  • SHA256

    44f8066f26221811ada486cd0182f6d264eda747f67f42245bae9265a28180c4

  • SHA512

    7ffec3d1044f1d457443318b02607f3be58d514af69d26733047c27b87924440d5a63e57d0b807e85ec7a4768368481786ebaa8a2bc9b5fe70774615a17fb73a

  • SSDEEP

    196608:c/o/92s54yd+qKeHlaRxndb1jbKOQiHJPcCi+rJT3U:V0qtd+zZRxnt1jbKf8JSiJ3U

Score
7/10
pyinstallerspywarestealer

Malware Config

Targets

    • Target

      FA AntiVira Prosses Watch.exe

    • Size

      7.1MB

    • MD5

      caa42dc6f730560ba4d998187f0271ef

    • SHA1

      da89545ced74d4f7f5b7550d62ee738a37d156bc

    • SHA256

      f2d01f2c7f9922794e07a21cbe62be87e1ce52e7384834f1065c05ca73541b25

    • SHA512

      b305ecc64bd57db6eef344e3116ab4770b905efc632dc65b2fd866e52574d1cf48ec61a09df485303a056b9686649816abf0be3e7a04c1cc1499e6d93f4c6524

    • SSDEEP

      196608:1s+WA1HeT39IigheE9TFa0Z8DOjCdylNownzbQWa0ngx:/1+TtIibY9Z8D8CclyUnwigx

    Score
    7/10
    spywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1

    • Target

      iubhnuerfwiuherwfiuhewfiuhewfiuiuefwuihefwuihewfuhewfuewfueuwfhi.bat

    • Size

      583B

    • MD5

      a88236b393cbea80f72d29785be483c3

    • SHA1

      6ebf04c2270e2738f7c6d2ccb4f2eb2d38335f1f

    • SHA256

      278fa8d4fb12b506bb712bc9a5562bc1718f88a0a53899ffe479b51c6bf55cf2

    • SHA512

      fdd5202f6569e4822d3148417153d5b0e1446b731f162ace04f78a726d77555e6b5e9856be8c34f3fc046ba960d88084fb550adf155a496d01e6c97665da4aca

    Score
    1/10
    behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks