7d5cd0eb075e7c20d8bcbf3db626fccaf71233a23c0a59e9de057b766448cd0c | Triage

Submit
Reports

Overview

overview

7

Static

static

3

c11e274628...9d.exe

windows7-x64

7

c11e274628...9d.exe

windows10-2004-x64

7

Sharing

General

Target

c11e274628aa96f78306c9bafdc6419d.bin
Size

2.0MB
Sample

240709-ckjb2s1cmp
MD5

c11e274628aa96f78306c9bafdc6419d
SHA1

94ce3a3e3534dabc2fd80a0e035d0445c41445b6
SHA256

7d5cd0eb075e7c20d8bcbf3db626fccaf71233a23c0a59e9de057b766448cd0c
SHA512

fbe7ba26f314f5a95ae29541c80289e446ee9179eb7abbe7ece891eeef325a2f2c50b189ff9a38b77ce14b470bcf0e17ecea1dcdfca3a23213eabf8c0aff7725
SSDEEP

49152:AFx9+9VD2SouuFOnYIsE5JIMzHRX4DQ+Zns5dcbniCbo:8x9iuFOnYHEXQ38cbnnb

Score

7^/10

evasion spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c11e274628aa96f78306c9bafdc6419d.exe

Resource

win7-20240705-en

evasion spyware stealer trojan

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

c11e274628aa96f78306c9bafdc6419d.exe

Resource

win10v2004-20240704-en

evasion spyware stealer trojan

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  c11e274628aa96f78306c9bafdc6419d.bin
- Size
  
  2.0MB
- MD5
  
  c11e274628aa96f78306c9bafdc6419d
- SHA1
  
  94ce3a3e3534dabc2fd80a0e035d0445c41445b6
- SHA256
  
  7d5cd0eb075e7c20d8bcbf3db626fccaf71233a23c0a59e9de057b766448cd0c
- SHA512
  
  fbe7ba26f314f5a95ae29541c80289e446ee9179eb7abbe7ece891eeef325a2f2c50b189ff9a38b77ce14b470bcf0e17ecea1dcdfca3a23213eabf8c0aff7725
- SSDEEP
  
  49152:AFx9+9VD2SouuFOnYIsE5JIMzHRX4DQ+Zns5dcbniCbo:8x9iuFOnYHEXQ38cbnnb
Score

7^/10

evasion spyware stealer trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionspywarestealertrojan

behavioral2

evasionspywarestealertrojan

© 2018-2024

Terms | Privacy