General

  • Target

    527f7517ed8c00cdf1dcb4abb5820d40N.exe

  • Size

    694KB

  • Sample

    240713-f8h8qszelc

  • MD5

    527f7517ed8c00cdf1dcb4abb5820d40

  • SHA1

    4b1451f55664cd29947608bf6d6add0ebd25dbfe

  • SHA256

    4927f0f8ec0bc609048fac1ee6e449df6c15cb0e872ed9b34423399105ae7d68

  • SHA512

    ade05d5f36012580e8f4d81dc233e5cafac22be15accf4caf82bbd36ce949512e05f30caf77a5460f671796b3866de28406badf7e212b6625fcf2730cab5e39a

  • SSDEEP

    12288:9n8yN0Mr82KzvFWOC3aEX968PFZSboNML+bgez/65CeO:FPufzv8O0QsFZS0cOgez/6YX

Targets

    • Target

      527f7517ed8c00cdf1dcb4abb5820d40N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
