General

  • Target

    74d5af980118f27f10aed47aa81d40c54ec6ddb63a86f250a043036753ede376

  • Size

    729KB

  • Sample

    240703-3e2jjs1gpq

  • MD5

    431b384ce251e89e07523498e7c204c7

  • SHA1

    da930ffd9942de8a808344e05f82934e26555892

  • SHA256

    74d5af980118f27f10aed47aa81d40c54ec6ddb63a86f250a043036753ede376

  • SHA512

    16a3b08c4d158f808c4144f49a5b824aa41a724138b171e530235754c9eba54483d53e9261e6ecc2b7b4e0305abb5219076e9678adf1d97c6d394a333409a9b4

  • SSDEEP

    12288:JXCNi9B1WcTTHpjFGPOpvqLxQqpAg3nOEXwNqwaQwhPbvYHBFd4an5YttOLWsj1W:sWUcTTHphGP0WxtB3nOEYB0hzvYHJp5k

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofencing check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks