Overview

overview

7

Static

static

3

62d1e82a00...5a.exe

windows7-x64

7

62d1e82a00...5a.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    62d1e82a004ecbbb041ed2db773539ae2fe91acec276eac693654a518525db5a

  • Size

    4.1MB

  • Sample

    240604-193nzsec27

  • MD5

    9e432b1ad528e6b08c2aded818a4b084

  • SHA1

    c290956144cd8138faae0401570204140c0516cf

  • SHA256

    62d1e82a004ecbbb041ed2db773539ae2fe91acec276eac693654a518525db5a

  • SHA512

    feb0317e0ea9ccd7366abb3fedd2f6c80f701d549bf71e9c016e73b9168a387e5b029e095404f5d5aa392082d28ea5f3dda3351ff4cb891ccafe7f270b54d440

  • SSDEEP

    98304:+R0pI/IQlUoMPdmpSpb4ADtnkgvNWlw6aTfN41v:+R0pIAQhMPdm05n9klRKN41v

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      62d1e82a004ecbbb041ed2db773539ae2fe91acec276eac693654a518525db5a

    • Size

      4.1MB

    • MD5

      9e432b1ad528e6b08c2aded818a4b084

    • SHA1

      c290956144cd8138faae0401570204140c0516cf

    • SHA256

      62d1e82a004ecbbb041ed2db773539ae2fe91acec276eac693654a518525db5a

    • SHA512

      feb0317e0ea9ccd7366abb3fedd2f6c80f701d549bf71e9c016e73b9168a387e5b029e095404f5d5aa392082d28ea5f3dda3351ff4cb891ccafe7f270b54d440

    • SSDEEP

      98304:+R0pI/IQlUoMPdmpSpb4ADtnkgvNWlw6aTfN41v:+R0pIAQhMPdm05n9klRKN41v

    Score
    7/10
    persistencespywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks