General

  • Target

    36d6ce472d2302b134ba1133dd2aca50N.exe

  • Size

    541KB

  • Sample

    240712-hs5sxashpl

  • MD5

    36d6ce472d2302b134ba1133dd2aca50

  • SHA1

    d2a113b6cc9380354c2fef0bcd2b95e10aed0191

  • SHA256

    2bb599d03fa3a4bb1819422bcca76b722941b2f3a611b95f8cd7504c774b57b7

  • SHA512

    faf13bd28894b7d941da16cf77f7d462d201f0562b5f482a045b80252f8288fb79d1bc38b9b70a711937c00c9ff81bee0e07727a2538a9eaca672fcdad446b68

  • SSDEEP

    6144:9rTfUHeeSKOS9ccFKk3Y9t9Y6hVS2FziF3Q7mAbWmmG1U8Jzha:9n8yN0Mr86hLFziF3QDbWmmkBJzE

Targets

    • Target

      36d6ce472d2302b134ba1133dd2aca50N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
