General

  • Target

    31aeb2b579e1214070dbf4520cc7984bafe9937f5e9400e960a8366e84387d5e

  • Size

    1.2MB

  • Sample

    240710-zr3etszbpm

  • MD5

    880c7a4662fea6a3f30c4e16443aaa6d

  • SHA1

    48eecdef179a21d3b6047683428cd99aa9290e8c

  • SHA256

    31aeb2b579e1214070dbf4520cc7984bafe9937f5e9400e960a8366e84387d5e

  • SHA512

    a75ebc3fa35a63a8ca3ae225f46a8378dbfdd174305ef8dfc25d572ecc1507a21f2daf9210be75a49f2f4dcc96ec593c848039f8edc885cdff277a002079fcb3

  • SSDEEP

    24576:oWF8/bH6vk6dl+5VbNIj4z/OGbP9oF07HMVFuSkp3uWtTsvjaILZYK:V6/bM+5rIaYLqxuWtzib

Malware Config

Targets


    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks