General

  • Target

    88eda300d9262b34d2f09ed569d3c8277598447e81ac2fd7182ed0e8aac0dab6

  • Size

    227KB

  • Sample

    240620-ahsftssgll

  • MD5

    2be6eada4905c31db4f7e84589f83e0f

  • SHA1

    1c44083fcdd09827ebbc309d08d5247d2893b441

  • SHA256

    88eda300d9262b34d2f09ed569d3c8277598447e81ac2fd7182ed0e8aac0dab6

  • SHA512

    35a9e9ea79b4992e3071a633151c284bce7b2d45436622a9b1559b9f6a5a70f09f123846d423ddf86b22f846c87b66a99acfe65995327ed839140b0ac4608276

  • SSDEEP

    6144:A//ICMmDRxs3NBRBCdNiNnX3zufjiJX9dR3CG:A//vi9B0cX3zurih/5CG

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks