General

  • Target

    8b2b4d2738485721ca9cb437c488e55e1b654a0b4e769cc8f7f590c3ee511b77

  • Size

    901KB

  • Sample

    240710-bnl2nszald

  • MD5

    36e6f1987dafb002b19404c9508c6a3a

  • SHA1

    d84face4a94cf065d319c3b2339931bc2c678e53

  • SHA256

    8b2b4d2738485721ca9cb437c488e55e1b654a0b4e769cc8f7f590c3ee511b77

  • SHA512

    6ace91d5a5f9e67acea49a52634456842139174ae49cdaa1a1867c18dc0dc73658a54b14b5d8935462bc4f199609b9c2eb273f8fc7b7ea4c34d119e24286f771

  • SSDEEP

    12288:JXCNi9B0DfNFHvV0lJUAhUmuW9U2UwMT/XB9lawaY7w8G+wLpyoF3vMFO/zdXxM4:sWanPKlrhUOaTZLf7w8G+syoF9ERe

Malware Config

Targets

    • Target

      8b2b4d2738485721ca9cb437c488e55e1b654a0b4e769cc8f7f590c3ee511b77

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar profile data.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks