Overview

overview

10

Static

static

3

money.exe

windows7-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    money.exe

  • Size

    1006KB

  • Sample

    240613-rbnbzawdkk

  • MD5

    fcbf3f810e0cdab6e967bc24a18277fc

  • SHA1

    76357529050a0ec31343f07e60831ccdc12c21cc

  • SHA256

    1ca658f19a4276702f289e213513fb2dead1d18b6667850f011989ed4ac3b464

  • SHA512

    b654efea7494abbd7d0b9431d233b9a58469788608cb4ac056852fff7e06e994efde58de558c271e68c6d0ff757d73ef6221d596a64839fa1c35975f647f6667

  • SSDEEP

    24576:BoS2Tn8G5EoSZl1gOxWBePia9/GZ+GDy9aU5Ltu5WFFuGySq:6S2T8iE71TxWBe6a9/m+GxoLtrBySq

Score
10/10
evasionexecutionransomwarespywarestealertrojan

Malware Config

Targets

    • Target

      money.exe

    • Size

      1006KB

    • MD5

      fcbf3f810e0cdab6e967bc24a18277fc

    • SHA1

      76357529050a0ec31343f07e60831ccdc12c21cc

    • SHA256

      1ca658f19a4276702f289e213513fb2dead1d18b6667850f011989ed4ac3b464

    • SHA512

      b654efea7494abbd7d0b9431d233b9a58469788608cb4ac056852fff7e06e994efde58de558c271e68c6d0ff757d73ef6221d596a64839fa1c35975f647f6667

    • SSDEEP

      24576:BoS2Tn8G5EoSZl1gOxWBePia9/GZ+GDy9aU5Ltu5WFFuGySq:6S2T8iE71TxWBe6a9/m+GxoLtrBySq

    Score
    10/10
    evasionexecutionransomwarespywarestealertrojan

    • UAC bypass

      evasiontrojan

    • Disables Task Manager via registry modification

      evasion

    • Stops running service(s)

      evasionexecution

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks