General

  • Target

    0ecf11ea1cf07dbd500600c80260bfb85309db61bf51843bd35ef90eb52ccf87

  • Size

    1.7MB

  • Sample

    240630-xe1z5awbqk

  • MD5

    c7113d5c8d647742ba6f8e5571142bf8

  • SHA1

    cea3509b6dff8e1f5cbb4ea8130ea60451ac6f1c

  • SHA256

    0ecf11ea1cf07dbd500600c80260bfb85309db61bf51843bd35ef90eb52ccf87

  • SHA512

    73eabdbf235af55a394c69623a5e5a97d3101fb37e64118a066b26458935a75f97dc0f74662afed57da0e3b4c3d1f2e15005d4f58aed78b57960797b75b0622f

  • SSDEEP

    24576:oWq91xUvfhXziRnwsgxHDx5zVAwIu/DeEHTT3solEW4by1xfSxk0l3Cj7lJ5pPWl:VqEfxmWx572Yx/O3Cf5NSB
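The digests above are the identity of the sample; before trusting any finding in this report against a file you hold, recompute them. The following is an added example, not part of the sandbox report: a Python helper that hashes a local copy in a single pass and returns which of the reported MD5/SHA1/SHA256/SHA512 values disagree. The local file path is assumed, and because the sample bytes are not on this page the self-check at the bottom uses a constructed byte string rather than the real file.

```python
"""Recompute the report's file hashes for a local copy of the sample.

Added example, not part of the sandbox report. REPORTED holds the digests
printed in the report; the path passed to verify_file() is wherever you
stored the sample (assumed). The sample itself is not on this page, so the
self-check only exercises the mismatch reporting on constructed bytes.
"""
import hashlib
from pathlib import Path
from typing import Iterable, Mapping

# Digests exactly as printed in the report (lower-case hex).
REPORTED = {
    "md5": "c7113d5c8d647742ba6f8e5571142bf8",
    "sha1": "cea3509b6dff8e1f5cbb4ea8130ea60451ac6f1c",
    "sha256": "0ecf11ea1cf07dbd500600c80260bfb85309db61bf51843bd35ef90eb52ccf87",
    "sha512": (
        "73eabdbf235af55a394c69623a5e5a97d3101fb37e64118a066b26458935a75f"
        "97dc0f74662afed57da0e3b4c3d1f2e15005d4f58aed78b57960797b75b0622f"
    ),
}


def digest_chunks(chunks: Iterable[bytes], algorithms=tuple(REPORTED)) -> dict:
    """Feed every chunk to all requested hashes in one sweep over the data.

    Four separate reads of a 1.7 MB file would be cheap, but the same helper
    is used on multi-GB memory dumps, so hash everything in a single pass.
    """
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data: bytes, algorithms=tuple(REPORTED)) -> dict:
    return digest_chunks([data], algorithms)


def hash_file(path, algorithms=tuple(REPORTED), chunk_size=1 << 20) -> dict:
    def chunks():
        with Path(path).open("rb") as f:
            while block := f.read(chunk_size):
                yield block
    return digest_chunks(chunks(), algorithms)


def mismatches(actual: Mapping[str, str], expected: Mapping[str, str] = REPORTED) -> set:
    """Names of the algorithms whose digest differs from the report.

    Comparison is case-insensitive because tools print hex in either case.
    An empty set means every expected digest matched.
    """
    return {
        name for name, want in expected.items()
        if actual.get(name, "").lower() != want.lower()
    }


def verify_file(path, expected=REPORTED) -> set:
    return mismatches(hash_file(path, tuple(expected)), expected)


if __name__ == "__main__":
    import sys
    bad = verify_file(sys.argv[1])
    print("MATCH: file is the sample in the report" if not bad
          else f"MISMATCH on {sorted(bad)}: wrong file or truncated download")
```

Run it as `python verify.py /path/to/sample` (name assumed). A mismatch on every algorithm means you have a different file; a mismatch on only some is not something a correct download can produce and usually means a typo in one of the expected values.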

Malware Config

Targets

    • Target

      0ecf11ea1cf07dbd500600c80260bfb85309db61bf51843bd35ef90eb52ccf87

    • Size

      1.7MB

    • MD5

      c7113d5c8d647742ba6f8e5571142bf8

    • SHA1

      cea3509b6dff8e1f5cbb4ea8130ea60451ac6f1c

    • SHA256

      0ecf11ea1cf07dbd500600c80260bfb85309db61bf51843bd35ef90eb52ccf87

    • SHA512

      73eabdbf235af55a394c69623a5e5a97d3101fb37e64118a066b26458935a75f97dc0f74662afed57da0e3b4c3d1f2e15005d4f58aed78b57960797b75b0622f

    • SSDEEP

      24576:oWq91xUvfhXziRnwsgxHDx5zVAwIu/DeEHTT3solEW4by1xfSxk0l3Cj7lJ5pPWl:VqEfxmWx572Yx/O3Cf5NSB

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence: the check is commonly used to skip execution on machines whose locale is on an excluded-country list.

    • Reads user/profile data of web browsers

      Infostealers routinely target stored browser profile data, which can include saved credentials, cookies and session tokens, and autofill entries.

    • Adds Run key to start application

      Writes a value under a Software\Microsoft\Windows\CurrentVersion\Run key so the binary is relaunched at every logon (persistence).

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

      Writes a file into the Windows System32 directory; this requires administrative rights and places the dropped file among legitimate OS binaries.
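The signatures above describe what the sample did in the sandbox. On an endpoint the same behaviour surfaces in Sysmon telemetry: a registry value set under a Run key is Event ID 13 (RegistryEvent: Value Set) and a file created in System32 is Event ID 11 (FileCreate). The following is an added example, not part of the sandbox report or any vendor's rule set: Python checks run over constructed Sysmon-style records (the field names EventID, Image, TargetObject, Details and TargetFilename are Sysmon's; the process, file and registry value names are invented for the example) that flag both behaviours and single out a process that tripped both. The ATT&CK mapping T1547.001 for Run-key persistence is the standard one; the System32 drop is deliberately left unmapped. The allow list of trusted System32 writers is an assumption to tune locally. Registry reads (the country-code lookup) and file reads (browser profiles) are not in Sysmon's event set, so those two signatures are not covered here.

```python
"""Flag Run-key persistence and System32 drops in Sysmon-style telemetry.

Added example, not part of the sandbox report. SAMPLE_EVENTS is constructed
to resemble Sysmon Event ID 13 (RegistryEvent: Value Set) and Event ID 11
(FileCreate) records as exported by a log shipper; field names are Sysmon's,
process/file/value names are invented. TRUSTED_SYSTEM32_WRITERS is a local
tuning assumption, not an authoritative list.
"""
import re
from typing import Iterable

RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$",
    re.IGNORECASE,
)
SYSTEM32_RE = re.compile(r"^C:\\Windows\\System32\\", re.IGNORECASE)
# Locations an unprivileged user can write to; a Run value or a dropping
# process living here is the classic stealer pattern.
USER_WRITABLE_RE = re.compile(
    r"\\Users\\[^\\]+\\AppData\\|\\Users\\Public\\|\\ProgramData\\|\\Temp\\",
    re.IGNORECASE,
)
# Processes expected to write into System32 during normal operation (assumption).
TRUSTED_SYSTEM32_WRITERS = {
    r"c:\windows\system32\svchost.exe",
    r"c:\windows\system32\msiexec.exe",
    r"c:\windows\servicing\trustedinstaller.exe",
}
SID = r"S-1-5-21-1111111111-2222222222-3333333333-1001"  # made-up user SID

# Constructed telemetry mirroring the report's signatures, plus two benign events.
SAMPLE_EVENTS = [
    {"EventID": 13, "Image": r"C:\Users\victim\AppData\Local\Temp\sample.exe",
     "TargetObject": rf"HKU\{SID}\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r"C:\Users\victim\AppData\Roaming\Updater\updater.exe"},
    {"EventID": 11, "Image": r"C:\Users\victim\AppData\Local\Temp\sample.exe",
     "TargetFilename": r"C:\Windows\System32\drvhlp.dll"},
    {"EventID": 11, "Image": r"C:\Windows\servicing\TrustedInstaller.exe",
     "TargetFilename": r"C:\Windows\System32\kernel32.dll"},
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": rf"HKU\{SID}\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
     "Details": "DWORD (0x00000001)"},
]


def check_run_key(event: dict):
    """Event ID 13 writing a value directly under Run or RunOnce."""
    if event.get("EventID") != 13:
        return None
    target = event.get("TargetObject", "")
    if not RUN_KEY_RE.search(target):
        return None
    details = event.get("Details", "")
    # Run values pointing into user-writable paths rate higher than ones
    # pointing at Program Files, which are usually legitimate installers.
    severity = "high" if USER_WRITABLE_RE.search(details) else "medium"
    return {"rule": "run_key_persistence", "technique": "T1547.001",
            "severity": severity, "image": event.get("Image", ""),
            "evidence": f"{target} = {details}"}


def check_system32_drop(event: dict):
    """Event ID 11 creating a file under System32 from a non-trusted process."""
    if event.get("EventID") != 11:
        return None
    image, path = event.get("Image", ""), event.get("TargetFilename", "")
    if not SYSTEM32_RE.match(path) or image.lower() in TRUSTED_SYSTEM32_WRITERS:
        return None
    severity = "high" if USER_WRITABLE_RE.search(image) else "medium"
    return {"rule": "system32_file_drop", "technique": None,
            "severity": severity, "image": image, "evidence": path}


CHECKS = (check_run_key, check_system32_drop)


def triage(events: Iterable[dict]) -> list:
    """Apply every check to every event; return the findings in event order."""
    return [hit for ev in events for check in CHECKS if (hit := check(ev))]


def offending_images(findings) -> set:
    """Processes behind more than one finding: the sample did both, so one
    image carrying both is the strongest signal in this telemetry."""
    counts = {}
    for f in findings:
        key = f["image"].lower()
        counts[key] = counts.get(key, 0) + 1
    return {img for img, n in counts.items() if n > 1}


if __name__ == "__main__":
    found = triage(SAMPLE_EVENTS)
    for f in found:
        print(f"[{f['severity']}] {f['rule']} ({f['technique']}) {f['image']}: {f['evidence']}")
    print("processes tripping several rules:", offending_images(found))
```

Feed `triage()` a list of dicts decoded from your log shipper's JSON; the two benign records show why the checks key on the exact Run/RunOnce key and on the writing process rather than on the System32 path alone.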

MITRE ATT&CK Enterprise v15

Tasks