Overview

overview

7

Static

static

3

391d97b412...85.exe

windows7-x64

7

391d97b412...85.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    391d97b412110336f802ee73ff8697704db23fe0b173c96020bac0389d371585

  • Size

    523KB

  • Sample

    240705-zcv27sxfje

  • MD5

    fc67b136c394a171f68478845b93a08a

  • SHA1

    90d791848b16b53b57fc4ce10b93a1ba96414d2d

  • SHA256

    391d97b412110336f802ee73ff8697704db23fe0b173c96020bac0389d371585

  • SHA512

    f598c9f136be39cf5bab56dca89ebc3b12e7d68a977a6aeb685692c61d5ece6a26f91796aece11bc9937b6aa82eaf8c285e454c91fa34ee1ca8c0be7543758e4

  • SSDEEP

    12288:dXCNi9BNUDuQP7RbENpzUXL1olvadcqwYxTGSNFJlIOZL/7uNFHc:oWNaRbOKK5a6JYFGYJSOLt

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      391d97b412110336f802ee73ff8697704db23fe0b173c96020bac0389d371585

    • Size

      523KB

    • MD5

      fc67b136c394a171f68478845b93a08a

    • SHA1

      90d791848b16b53b57fc4ce10b93a1ba96414d2d

    • SHA256

      391d97b412110336f802ee73ff8697704db23fe0b173c96020bac0389d371585

    • SHA512

      f598c9f136be39cf5bab56dca89ebc3b12e7d68a977a6aeb685692c61d5ece6a26f91796aece11bc9937b6aa82eaf8c285e454c91fa34ee1ca8c0be7543758e4

    • SSDEEP

      12288:dXCNi9BNUDuQP7RbENpzUXL1olvadcqwYxTGSNFJlIOZL/7uNFHc:oWNaRbOKK5a6JYFGYJSOLt

    Score
    7/10
    persistencespywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks