General

  • Target

    a48272c20c6d3b24e9a45185ab276220N.exe

  • Size

    621KB

  • Sample

    240715-hzha7axckg

  • MD5

    a48272c20c6d3b24e9a45185ab276220

  • SHA1

    042d34245e0a780264b8bb4f6e3a9d7b67993ccb

  • SHA256

    51d7c6b620c2e3f8556601e1b53662723aa7296c7ffe09eb8343d14e18fa63c9

  • SHA512

    72bd5e2b4dbaf87cde2295951006b2acaa6f6d1117375498701a09ab8f2ce77f4ca0ddc70291645422e87e28ee524d4253d23d09f606283c47b5848fb1c46802

  • SSDEEP

    12288:dXCNi9BL620a44glBXFKV8jgzeXeYc1hBtr/4amipv7E1EHctBq4er:oWL6trflNoCgzmeYc1rtURGo1jw

Malware Config

Targets

    • Target

      a48272c20c6d3b24e9a45185ab276220N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar profile information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks