General

  • Target

    6125ff31a0b938c5a392f9673055e6444337dbb259d06255a1717d948213358a

  • Size

    1.3MB

  • Sample

    240706-2bsa2awhqf

  • MD5

    a4ec5deedad6e98443dc1c5428422303

  • SHA1

    47e74904cdde579990ff2abbffbca1e02fb9b689

  • SHA256

    6125ff31a0b938c5a392f9673055e6444337dbb259d06255a1717d948213358a

  • SHA512

    6e4b09b7bb39dba133ba0dac568fb5ffe2574e0fb7963a955037b4d39583994424e73ffec9b1cb65a604ba82f4132fd52d74f8839d5a629d937d828348897b1c

  • SSDEEP

    24576:oWATI6CqOjcrPzbQjxs8iTssdQqie0XldyMHroctUj2TOoQgzn3aSv:VATTfrrEDsTdQm0pxmiqgGE

Malware Config

Targets

    • Target

      6125ff31a0b938c5a392f9673055e6444337dbb259d06255a1717d948213358a

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar secrets.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks