Overview

overview

7

Static

static

3

cd96213736...8a.exe

windows7-x64

7

cd96213736...8a.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cd96213736c9d5011df5deeb969d0ad0c0130c13537e7eaa2a62f078eba6ce8a

  • Size

    3.1MB

  • Sample

    240709-fxjecsxfqm

  • MD5

    3e3afa63ceb3e7c54a63844f65a62384

  • SHA1

    9bf15d3b10b8ebe5e4361c440242a337dc257f1a

  • SHA256

    cd96213736c9d5011df5deeb969d0ad0c0130c13537e7eaa2a62f078eba6ce8a

  • SHA512

    5d4c0d2c029c00b5193c29af90633b1595e75809fe9050c2f3317b76d98f1bb540b298255a71c83da2c40dabaf66147494ce289f6e4083c518f4b88ba085ba8f

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBrB/bSqz8b6LNXJqI2:sxX7QnxrloE5dpUpIbVz8eLFcz

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      cd96213736c9d5011df5deeb969d0ad0c0130c13537e7eaa2a62f078eba6ce8a

    • Size

      3.1MB

    • MD5

      3e3afa63ceb3e7c54a63844f65a62384

    • SHA1

      9bf15d3b10b8ebe5e4361c440242a337dc257f1a

    • SHA256

      cd96213736c9d5011df5deeb969d0ad0c0130c13537e7eaa2a62f078eba6ce8a

    • SHA512

      5d4c0d2c029c00b5193c29af90633b1595e75809fe9050c2f3317b76d98f1bb540b298255a71c83da2c40dabaf66147494ce289f6e4083c518f4b88ba085ba8f

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBrB/bSqz8b6LNXJqI2:sxX7QnxrloE5dpUpIbVz8eLFcz

    Score
    7/10
    persistencespywarestealer

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks