General

  • Target

    08d04859f6bc2480da8a1c6282a3d610N.exe

  • Size

    594KB

  • Sample

    240714-s56k3syfqb

  • MD5

    08d04859f6bc2480da8a1c6282a3d610

  • SHA1

    0d3f98be245da888fa8bc9145907791fac2399da

  • SHA256

    c4ed0c709b8375f082a9decc9d9993ca53d9aeb5c28d7e9aec8c6d88dd721216

  • SHA512

    b2b65758021811bd34bafd3273972e35ec1d3cc587ef8b03dfff941a67bf55a9a841d9e48e653e7579ea8bfea62302a383f527427a79c6563fa37d8550dc0d5b

  • SSDEEP

    12288:SEQoSMDUeK/RfG2H3C0/Os4udlYLhz/TRlP3I3qwk:SSDUe0fdXCqOgl6h7Tv43nk

Malware Config

Targets

    • Target

      08d04859f6bc2480da8a1c6282a3d610N.exe

    • Size

      594KB

    • MD5

      08d04859f6bc2480da8a1c6282a3d610

    • SHA1

      0d3f98be245da888fa8bc9145907791fac2399da

    • SHA256

      c4ed0c709b8375f082a9decc9d9993ca53d9aeb5c28d7e9aec8c6d88dd721216

    • SHA512

      b2b65758021811bd34bafd3273972e35ec1d3cc587ef8b03dfff941a67bf55a9a841d9e48e653e7579ea8bfea62302a383f527427a79c6563fa37d8550dc0d5b

    • SSDEEP

      12288:SEQoSMDUeK/RfG2H3C0/Os4udlYLhz/TRlP3I3qwk:SSDUe0fdXCqOgl6h7Tv43nk

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution to or away from particular regions.

    • Reads user/profile data of web browsers

      Infostealers commonly target browser profile data, which can include saved credentials, cookies and other stored secrets.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or with a modified UPX build.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
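
A static check for the UPX signature listed above, added here as an example; it is not part of the sandbox report and is not UPX's own code. It parses the PE section table by hand (no third-party dependency) and reports the two stock UPX artifacts: section names UPX0/UPX1/UPX2 and the "UPX!" marker written before the packed data. Modified UPX builds frequently rename the sections, so the marker check and the "hollow first section" heuristic are reported separately. The build_minimal_pe helper constructs header-only test images for the example and is not derived from the sample on this page.

```python
"""Static UPX-packing indicators for a PE file (added example, not from the report)."""
import struct

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}
UPX_MAGIC = b"UPX!"  # marker stock UPX leaves in front of the packed data


def parse_sections(data: bytes) -> list:
    """Return the PE section table as a list of dicts; raise ValueError if not a PE."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    # IMAGE_FILE_HEADER layout: Machine(2) NumberOfSections(2) TimeDateStamp(4)
    # PointerToSymbolTable(4) NumberOfSymbols(4) SizeOfOptionalHeader(2) Characteristics(2)
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    sect_off = coff + 20 + size_opt
    sections = []
    for i in range(num_sections):
        off = sect_off + i * 40  # IMAGE_SECTION_HEADER is 40 bytes
        name = data[off:off + 8].rstrip(b"\0")
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, off + 8)
        sections.append({"name": name, "virtual_size": vsize, "virtual_address": vaddr,
                         "raw_size": rawsize, "raw_ptr": rawptr})
    return sections


def upx_indicators(data: bytes) -> dict:
    """Collect the individual UPX hints so a triager can see which one fired."""
    sections = parse_sections(data)
    names = {s["name"] for s in sections}
    # Stock UPX keeps the first section empty on disk (raw size 0) and inflates
    # it in memory as the unpacking target; renamed variants usually keep this.
    hollow_first = bool(sections) and sections[0]["raw_size"] == 0 and sections[0]["virtual_size"] > 0
    return {
        "upx_section_names": sorted(n.decode("ascii", "replace") for n in names & UPX_SECTION_NAMES),
        "upx_magic": UPX_MAGIC in data,
        "hollow_first_section": hollow_first,
    }


def is_upx_packed(data: bytes) -> bool:
    """Section names or the UPX! marker are treated as conclusive; the hollow section is only a hint."""
    ind = upx_indicators(data)
    return bool(ind["upx_section_names"]) or ind["upx_magic"]


def build_minimal_pe(section_names: list, hollow_first: bool = True) -> bytes:
    """Construct a header-only PE image for testing (not a runnable binary, not the sample)."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # Machine=i386, NumberOfSections, no timestamp/symbols, SizeOfOptionalHeader=0,
    # Characteristics=EXECUTABLE_IMAGE|32BIT_MACHINE
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    table = b""
    for i, name in enumerate(section_names):
        raw_size = 0 if (hollow_first and i == 0) else 0x200
        table += name.ljust(8, b"\0")
        table += struct.pack("<IIII", 0x1000, 0x1000 * (i + 1), raw_size, 0x400 * (i + 1))
        table += b"\0" * 16  # relocations, line numbers, characteristics left zero
    return dos + b"PE\0\0" + coff + table


if __name__ == "__main__":
    for label, img in (("upx-like", build_minimal_pe([b"UPX0", b"UPX1", b".rsrc"])),
                       ("clean-like", build_minimal_pe([b".text", b".rdata", b".data"], hollow_first=False))):
        print(label, is_upx_packed(img), upx_indicators(img))
```

To use it on a real file, pass `open(path, "rb").read()` to `upx_indicators`; a result with only `hollow_first_section` set deserves a manual look, since non-UPX packers and some legitimate linkers produce the same layout.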

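The remaining signatures are behavioural rather than static. The following added example (not the sandbox's own rule set) shows how such behaviour maps onto them: a handful of rules run over constructed sandbox-style event lines of the form "operation<TAB>target". The registry key HKCU\Control Panel\International\Geo\Nation, the browser file names, the event format and the sample events are assumptions made for this example, not data from this report.

```python
"""Map sandbox-style events to the behaviour signatures listed above (added example)."""
import re
from collections import defaultdict

# (signature name, operation, regex over the target). Assumed targets per signature.
RULES = [
    ("Checks computer location settings", "regread",
     re.compile(r"\\Control Panel\\International\\Geo\\Nation$", re.I)),
    ("Reads user/profile data of web browsers", "fileread",
     re.compile(r"\\User Data\\[^\\]+\\(Login Data|Cookies|Web Data)$"
                r"|\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(logins\.json|cookies\.sqlite|key4\.db)$", re.I)),
    ("Adds Run key to start application", "regwrite",
     re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)),
    ("Enumerates connected drives", "fileread",
     re.compile(r"^[ABD-Z]:\\$", re.I)),  # root of any drive other than C:
    ("Drops file in System32 directory", "filewrite",
     re.compile(r"^C:\\Windows\\System32\\", re.I)),
]

# Constructed events for the example; the run-key value and file names are invented.
SAMPLE_EVENTS = [
    "regread\tHKCU\\Control Panel\\International\\Geo\\Nation",
    "fileread\tC:\\Users\\user\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data",
    "fileread\tC:\\Users\\user\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\abcd1234.default\\logins.json",
    "regwrite\tHKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater = C:\\Users\\user\\AppData\\Roaming\\updater.exe",
    "fileread\tC:\\",
    "fileread\tD:\\",
    "fileread\tE:\\",
    "filewrite\tC:\\Windows\\System32\\drivers\\example.sys",
    "fileread\tC:\\Windows\\System32\\kernel32.dll",  # reading System32 is normal, not a drop
]


def parse_event(line: str):
    """Split 'operation<TAB>target'; the operation is normalised to lower case."""
    op, _, target = line.partition("\t")
    return op.strip().lower(), target.strip()


def match_signatures(lines) -> dict:
    """Return {signature: [matching targets]} for every rule that fired at least once."""
    hits = defaultdict(list)
    for line in lines:
        if not line.strip():
            continue
        op, target = parse_event(line)
        for name, rule_op, pattern in RULES:
            if op == rule_op and pattern.search(target):
                hits[name].append(target)
    return dict(hits)


if __name__ == "__main__":
    for name, targets in match_signatures(SAMPLE_EVENTS).items():
        print(f"{name}:")
        for t in targets:
            print(f"    {t}")
```

The point of keeping the operation separate from the path pattern is visible in the last two sample events: a read of a DLL under System32 is routine, a write there is the signature, and a read of the C: root alone is not drive enumeration.
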
MITRE ATT&CK Enterprise v15

Tasks