General

  • Target

    2fc90d54e037126a73c8065f847fd77de73dfb0c7150f1ddbee7e6016e9bbfc1.exe

  • Size

    392KB

  • Sample

    240705-ddqm8atarg

  • MD5

    407025b0442dad02fabd9a7f835f66d0

  • SHA1

    bcdfc1264cb7b364c69bc8ff63708dc3004c817d

  • SHA256

    2fc90d54e037126a73c8065f847fd77de73dfb0c7150f1ddbee7e6016e9bbfc1

  • SHA512

    d3b840338322524cc68afc91ec78aeecb5b77723513752e0a72152e1e66f6d00bb46c3f24a943effc682f88b731aa60b718e00d80adbe464c5f362e235b7498f

  • SSDEEP

    12288:dXCNi9Bg5li3LkIcM4CBazPKLb368arfm5UYCO:oWgeorjEO8Um5UYp

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks