General

  • Target

    f468b31ea2bdfa0d8665c8d99c18895c8e28895dae6e8c70ed15425a0e1d8acf

  • Size

    220KB

  • Sample

    240707-f7686sxcqf

  • MD5

    6d85ebcbc32c933cb5d8249cf1c333e0

  • SHA1

    47f50f2395caf7b01b9cd3832f0136e8c31afbe0

  • SHA256

    f468b31ea2bdfa0d8665c8d99c18895c8e28895dae6e8c70ed15425a0e1d8acf

  • SHA512

    fbc70753f623b80f0d96182059892c0254f1ffdb8d171e2104d9e91bf23bb2342f52b3e4ae2b40b9a0f087302aaf23a8805101411f49881ed1a03ca00ea325d2

  • SSDEEP

    6144:A//ICMmDRxs3NBR7Edysbp7VY7XcagUsYLoMow:A//vi9B1EpaIusYLo0

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks