General

  • Target

    18666aa5d537154585d9e58c01394320.exe

  • Size

    195KB

  • Sample

    240705-3f2wps1fmf

  • MD5

    18666aa5d537154585d9e58c01394320

  • SHA1

    17ca83a609d961127f628c7903bed11947afd3fa

  • SHA256

    23d52b44a6d3a9d85a269cda810bb0a42cb62926c89f7fc0a1dc9ba40a5873ca

  • SHA512

    e6ccb0b5797d8643c14bf5255e685b581c0192520ab6cb2fc5385e4ae587fbccb523ba2e1a0703b728c6652384dcf78435919a909969d90134d24e7ac7fa518b

  • SSDEEP

    6144:A//ICMmDRxs3NBR0H7sJZfdaiy6nWSLz4bjmsA/:A//vi9BgAJZUFI4bCb

Targets

    • Target

      18666aa5d537154585d9e58c01394320.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
