General

  • Target

    14b133bd8639411ef6b6763659a7046e9b1c3e12585fd5879920217d65f3654a

  • Size

    2.1MB

  • Sample

    240707-xsvehaxakj

  • MD5

    7285cf55e3c24ef001eb04454088ecf6

  • SHA1

    152037a6845a14aae397688c21721ee09ec149fb

  • SHA256

    14b133bd8639411ef6b6763659a7046e9b1c3e12585fd5879920217d65f3654a

  • SHA512

    cc3995d15cae822803323c9538cdb17aa6ceb08324202530cd61f27d54d3677faa54e05b64c8b1619b01b043cf5b9299e0af5db7a644adab2e74bfb9e59231d8

  • SSDEEP

    49152:5SHTyBaHTzHg+gSWZavWo63/25MBmrhmtw:STyKPA+gSao63jmrAw

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks