Overview

overview

10

Static

static

10

8de76539d6...e4.exe

windows7-x64

10

8de76539d6...e4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8de76539d6d64228ae987107ab718b82bb93c163e42235402f96a48f26c49ce4

  • Size

    111KB

  • Sample

    240706-vzhceaygmf

  • MD5

    44fa4c011697e2dc2d149219a9949740

  • SHA1

    7925497efd9ef5ac7e859d50e5861e690f4d7c4f

  • SHA256

    8de76539d6d64228ae987107ab718b82bb93c163e42235402f96a48f26c49ce4

  • SHA512

    165f88076246bb671c8556f2cf5e74570d0c4728ac65305cd936e7480c0739fab9e77f7a152f5a639ef6c18af50c982fce4dd132c72f78f0d1e6b6052367296f

  • SSDEEP

    1536:l6JUfYrWajy6Ps/NLgxgkRb5rZn65lYC1IBKOkBs1OnsUgSOpWEfMF:OUTajyUCtKgq5c5l11IBKOSsQ9

Score
10/10
phemedronespywarestealer

Malware Config

Extracted

Family

phemedrone

C2

https://api.telegram.org/bot6861530662:AAFueJRxaIZGz_oVT2-CVuuL9N0MRsh-5_Y/sendDocument

Targets

    • Target

      8de76539d6d64228ae987107ab718b82bb93c163e42235402f96a48f26c49ce4

    • Size

      111KB

    • MD5

      44fa4c011697e2dc2d149219a9949740

    • SHA1

      7925497efd9ef5ac7e859d50e5861e690f4d7c4f

    • SHA256

      8de76539d6d64228ae987107ab718b82bb93c163e42235402f96a48f26c49ce4

    • SHA512

      165f88076246bb671c8556f2cf5e74570d0c4728ac65305cd936e7480c0739fab9e77f7a152f5a639ef6c18af50c982fce4dd132c72f78f0d1e6b6052367296f

    • SSDEEP

      1536:l6JUfYrWajy6Ps/NLgxgkRb5rZn65lYC1IBKOkBs1OnsUgSOpWEfMF:OUTajyUCtKgq5c5l11IBKOSsQ9

    Score
    10/10
    phemedronespywarestealer

    • Phemedrone

      An information and wallet stealer written in C#.

      stealerphemedrone

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks