General

  • Target

    255a25a32d970c7c41746bf68aa3db1b2ddc3acbff5f591e197e9b30b1466dbc

  • Size

    973KB

  • Sample

    240710-yz36nazfrh

  • MD5

    093f4187ca5d3e44c8ae5c882d0c45df

  • SHA1

    05f3febd2ca75f19fecf1ff38a266740e4eff2df

  • SHA256

    255a25a32d970c7c41746bf68aa3db1b2ddc3acbff5f591e197e9b30b1466dbc

  • SHA512

    6ae99bdd2a2759b27f7d8ab8ed1fbdea576b2f1bc6e4e88e8159f0a0ed19fb64113c83e8234237c2580d21fc4149fad5c8a048d9e5ba1e4f9d2a57188d49ffa8

  • SSDEEP

    12288:dXCNi9Bkl+aWIcpxGc8EQFcFvpnqRuoqAGrYOF2V0wvcSNsnORDS3++JHJY0BTuf:oWAxxcac8EbFdqQDcvvXYNArz

Malware Config

Targets

    • Target

      255a25a32d970c7c41746bf68aa3db1b2ddc3acbff5f591e197e9b30b1466dbc

    • Size

      973KB

    • MD5

      093f4187ca5d3e44c8ae5c882d0c45df

    • SHA1

      05f3febd2ca75f19fecf1ff38a266740e4eff2df

    • SHA256

      255a25a32d970c7c41746bf68aa3db1b2ddc3acbff5f591e197e9b30b1466dbc

    • SHA512

      6ae99bdd2a2759b27f7d8ab8ed1fbdea576b2f1bc6e4e88e8159f0a0ed19fb64113c83e8234237c2580d21fc4149fad5c8a048d9e5ba1e4f9d2a57188d49ffa8

    • SSDEEP

      12288:dXCNi9Bkl+aWIcpxGc8EQFcFvpnqRuoqAGrYOF2V0wvcSNsnORDS3++JHJY0BTuf:oWAxxcac8EbFdqQDcvvXYNArz

    • Checks computer location settings

      Looks up the country code configured in the registry, likely to geofence execution (run or bail out depending on the configured locale).

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser profile data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application

      Writes a Run registry value so the sample is launched again at logon (persistence).

    • Enumerates connected drives

      Attempts to read the root path of drives other than the default C: drive.

    • Drops file in System32 directory

      Writes a file into the System32 directory, which normally requires administrative privileges.
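
The five behaviours above are what an analyst would turn into detection logic. The block below is an added example, not part of the sandbox report or the sample's actual trace: it classifies Sysmon-style process events against those five signatures and flags any process that trips several of them at once. The event dictionaries are constructed for the example; the registry paths (the Geo\Nation GeoID value, the CurrentVersion\Run key) and the Chromium profile file names are the standard Windows locations, but which of them this particular sample touched is not stated in the report and is an assumption.

```python
"""Behavioural triage of Sysmon-style events against the signatures in this
report: geofence registry lookup, browser-profile read, Run-key persistence,
drive enumeration and a file drop into System32.

Added example. SAMPLE_EVENTS is constructed here and does not come from the
sample's real trace; the paths are the usual Windows/Chromium locations, chosen
as an assumption about what such a sample would touch.
"""
import re
from typing import Dict, Iterable, List, Set

# Registry value holding the configured country (GeoID); reading it is the
# usual "geofence" tell behind "Checks computer location settings".
GEO_KEY_RE = re.compile(r"\\Control Panel\\International\\Geo\\(Nation|Name)$", re.I)
# Run / RunOnce keys under HKCU or HKLM give persistence at logon.
RUN_KEY_RE = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
# Anything created beneath <drive>:\Windows\System32\.
SYSTEM32_RE = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.I)
# Chromium and Firefox credential/cookie stores.
BROWSER_DATA_RE = re.compile(r"\\(Login Data|Cookies|Web Data|History|logins\.json|key4\.db)$", re.I)
# A bare drive root such as "D:\" being listed or opened.
DRIVE_ROOT_RE = re.compile(r"^([A-Z]):\\?$", re.I)


def classify(event: dict) -> Set[str]:
    """Return the set of signature names a single event matches."""
    hits: Set[str] = set()
    etype = event.get("type")
    target = event.get("target", "")
    if etype == "reg_read" and GEO_KEY_RE.search(target):
        hits.add("checks_location")
    if etype == "reg_set" and RUN_KEY_RE.search(target):
        hits.add("run_key_persistence")
    if etype == "file_create" and SYSTEM32_RE.match(target):
        hits.add("drops_in_system32")
    if etype == "file_read" and BROWSER_DATA_RE.search(target):
        hits.add("reads_browser_profile")
    # The report's wording: root of drives *other than* C:.
    if etype in ("file_read", "dir_list") and DRIVE_ROOT_RE.match(target) and target[0].upper() != "C":
        hits.add("enumerates_drives")
    return hits


def triage(events: Iterable[dict]) -> Dict[str, List[int]]:
    """Map each signature to the indices of the events that triggered it."""
    hits_by_sig: Dict[str, List[int]] = {}
    for i, ev in enumerate(events):
        for sig in classify(ev):
            hits_by_sig.setdefault(sig, []).append(i)
    return hits_by_sig


def suspicious_processes(events: Iterable[dict], min_hits: int = 3) -> List[int]:
    """PIDs that trip at least min_hits distinct signatures; one Run-key write
    on its own is normal software behaviour, several signatures together is not."""
    sigs_by_pid: Dict[int, Set[str]] = {}
    for ev in events:
        sigs_by_pid.setdefault(ev["pid"], set()).update(classify(ev))
    return sorted(pid for pid, sigs in sigs_by_pid.items() if len(sigs) >= min_hits)


# Constructed events (not from the real sandbox run). PID 4120 plays the
# sample; PID 812 is a benign process that only registers itself at logon.
SAMPLE_EVENTS = [
    {"pid": 4120, "type": "reg_read", "target": r"HKCU\Control Panel\International\Geo\Nation"},
    {"pid": 4120, "type": "file_read",
     "target": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"pid": 4120, "type": "reg_set", "target": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"},
    {"pid": 4120, "type": "dir_list", "target": "D:\\"},
    {"pid": 4120, "type": "dir_list", "target": "C:\\"},
    {"pid": 4120, "type": "file_create", "target": r"C:\Windows\System32\drivers\etc\hosts.tmp"},
    {"pid": 812, "type": "reg_set", "target": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\OneDrive"},
    {"pid": 812, "type": "file_create", "target": r"C:\Users\alice\Downloads\report.pdf"},
]

if __name__ == "__main__":
    for sig, idxs in sorted(triage(SAMPLE_EVENTS).items()):
        print(f"{sig:24s} events {idxs}")
    print("suspicious PIDs:", suspicious_processes(SAMPLE_EVENTS))
```

The drive check deliberately ignores C:\ so that ordinary directory listings do not fire; the correlation threshold in suspicious_processes is what keeps a lone Run-key write (common for legitimate updaters) from being reported on its own.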

MITRE ATT&CK Enterprise v15

Tasks