General

  • Target

    15170457bae13618cd1ec822df68ee4fa219c9cb2336508b5a9fe38173ec074a

  • Size

    3.9MB

  • Sample

    240602-xx1r3sch84

  • MD5

    50eb3046bd2c37ae147c31875d4a6172

  • SHA1

    eb63662322ca1473a0ac69f55ff43e4f63474a62

  • SHA256

    15170457bae13618cd1ec822df68ee4fa219c9cb2336508b5a9fe38173ec074a

  • SHA512

    7ae212730319ed29711df3411ef67b168dde4b58e4d16b1258b9876b3ed0f87dfc3d43ed73f3ec4424f1869d283cfa982a8b38c446cf6d44ef0ff536296eec20

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB5B/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUp2bVz8eLFcz

Malware Config

Targets

    • Target

      15170457bae13618cd1ec822df68ee4fa219c9cb2336508b5a9fe38173ec074a

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks