General

  • Target

    4b49acfde6a4d8434876935ad96935f69d05ee105cb623ca60debddea03bef68

  • Size

    1.5MB

  • Sample

    240704-z95b5ssclf

  • MD5

    67a88dff928c35523667acac2ffe6e97

  • SHA1

    ebf6b73069abc55a6b72a8e19f650a5bf6f30e92

  • SHA256

    4b49acfde6a4d8434876935ad96935f69d05ee105cb623ca60debddea03bef68

  • SHA512

    0316f4128ad8bba06eba8667bd24cda09b04df911067f73df31c98e4d2cd3091010b61fa759fd375bdaf6eb9d326c76ca4454aeaac11e9a951f1ee8be1449467

  • SSDEEP

    49152:VoBA3jTh5yCvm1KzwuTDfLetQifH1Bf9nMBO:39vouTHetLP1Bf9nMo

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks