General

  • Target

    5a8c347ce4a47cdadb61e69ddbafce7667bb8857777c51cc0a80b06caacdc258

  • Size

    1.8MB

  • Sample

    240704-1w5ana1fnj

  • MD5

    08f34908c47f9a89de65a350065bf505

  • SHA1

    27c195d1636142fcf5e216bcd1e3d43422d2e679

  • SHA256

    5a8c347ce4a47cdadb61e69ddbafce7667bb8857777c51cc0a80b06caacdc258

  • SHA512

    af1216dab035a984f1a492775328ac625debe83e9aa88fdadbe38e9239556667e6351d20acf2db96a8ee82f4847e12a633b6d70ecba385b869ce70ac91381b9c

  • SSDEEP

    49152:VWoNEJRpJZTqLJue89oOc0axI0KFqrXGSF3G3Kv6lcki4Glv:1NEJf7TsJuxoZ04IXqrG83G3KvCc0G5

Malware Config

Targets

    • Target

      5a8c347ce4a47cdadb61e69ddbafce7667bb8857777c51cc0a80b06caacdc258

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence: a check that decides whether to run based on the victim's configured region.

    • Reads user/profile data of web browsers

      Reads files from browser profile directories. Infostealers target stored browser data because it can hold saved credentials, cookies and autofill entries.

    • Adds Run key to start application

      Writes a value under a Run registry key so the program is launched again at user logon (persistence).

    • Enumerates connected drives

      Attempts to read the root path of drives other than the default C: drive.

    • Drops file in System32 directory

      Writes a file into the Windows System32 directory.

MITRE ATT&CK Enterprise v15

Tasks