General

  • Target

    f6d2b86e191b6340614284d05c18c40767839a521bf1632e0adede32c929c31d

  • Size

    2.0MB

  • Sample

    240630-eaf52stcpg

  • MD5

    1f22b70f68a8a9e487e56bdce1224278

  • SHA1

    f8ae59d9925168c2bc82a390d17b3879edf7ddce

  • SHA256

    f6d2b86e191b6340614284d05c18c40767839a521bf1632e0adede32c929c31d

  • SHA512

    4109d155e0d629e682e5975157180e8edf30d5c1184cb03388cb75d52fda9f28527712026ca0fc0f5f5f9e32a3d85240ef5f8daadcc8f463afdbded1c41c1eb0

  • SSDEEP

    49152:CC45t85qsFa+nGkZa0NcDKi3wxiKKrAkUIbBy:m+e0NcDKi3wxsrxvc

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
