Overview

overview

10

Static

static

10

0a03e2a72c...ee.exe

windows7-x64

10

0a03e2a72c...ee.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9b452c0c703f20d6092be28a257ac391.bin

  • Size

    54KB

  • Sample

    240620-d8xp1s1ekq

  • MD5

    cd66b25b102aa89334a56b509e6427a1

  • SHA1

    06c6ef4ab31f5b3c03c0d32ee397b858cf6f34a0

  • SHA256

    00f50ec668307da0b028bc9769b3ef6cfa8100ea505021350af94a6313e8c5ca

  • SHA512

    c7b9d35b6b7cac51fed6be6ac73df78d0be376b4cde8d7c934c59bd4961bda687d4d620be10b98ca2bcd2c03ff42549526c0bce209fa22605ecaa2e24279797d

  • SSDEEP

    1536:BSlRQOG9IdVegTXMMW1lK9Njorjuf7zfOkGOaQjKPSeP:8Ry9MVe01W1AorjuWBTqa

Score
10/10
phemedronespywarestealer

Malware Config

Extracted

Family

phemedrone

C2

https://api.telegram.org/bot7034708090:AAFZQLDfGh63yhaFB1-Ey_Z8NfTyqDfE8ew/sendDocument

Targets

    • Target

      0a03e2a72c3dd45f44f88f7686d7d341e76d176baae2480079fa0dc9d5f844ee.exe

    • Size

      115KB

    • MD5

      9b452c0c703f20d6092be28a257ac391

    • SHA1

      b7a96b5b939f14395139a753d1fd427c0a31a876

    • SHA256

      0a03e2a72c3dd45f44f88f7686d7d341e76d176baae2480079fa0dc9d5f844ee

    • SHA512

      f2a3780cfccb1b7006ebbe00282bacf580ee0e5884711e1eda5c5a571bb7564caa168e891e8fd5b1bad7c2fda596c6adca3b32052752b4d8d6583847f6f6e967

    • SSDEEP

      1536:lr9TeZRDy8hZy3RRCGy9B1FKny6dgbe656cxLNfWdng2lKht4:596ZR+jiB1EnHds56CW6e

    Score
    10/10
    phemedronespywarestealer

    • Phemedrone

      An information and wallet stealer written in C#.

      stealerphemedrone

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks