Overview

overview

8

Static

static

1

royalegemgen.html

windows10-2004-x64

8

Resubmissions

15-07-2024 17:49

240715-wd77dasbmr 10

15-07-2024 17:37

240715-v7a83a1gnp 1

15-07-2024 17:27

240715-v1vn5a1enn 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    royalegemgen

  • Size

    9KB

  • Sample

    240715-v1vn5a1enn

  • MD5

    77607026165ec8e869985a411989754e

  • SHA1

    8e73058fe4d86615be901b3f6fa25d21dc66f1bd

  • SHA256

    620e864673be893b0359a658032170b8520087fbd563ba3144c7730fbac01c08

  • SHA512

    522c46848cb6ec3a2998bbae33e246ab1a7be1e4c3064a4a7e673bdb391c3de04a63943097fe5bf764d37e2705931e7d453b056f3b776236d865ec79aa57c728

  • SSDEEP

    192:+CqqWZZPPaL9LUL6LJLiLixjSr+5RtwFWcllL4MllLXllL8llLtllLYllLW7FxC7:+CYuL9LUL6LJLiLIM+FGWcllL4MllLXB

Score
8/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      royalegemgen

    • Size

      9KB

    • MD5

      77607026165ec8e869985a411989754e

    • SHA1

      8e73058fe4d86615be901b3f6fa25d21dc66f1bd

    • SHA256

      620e864673be893b0359a658032170b8520087fbd563ba3144c7730fbac01c08

    • SHA512

      522c46848cb6ec3a2998bbae33e246ab1a7be1e4c3064a4a7e673bdb391c3de04a63943097fe5bf764d37e2705931e7d453b056f3b776236d865ec79aa57c728

    • SSDEEP

      192:+CqqWZZPPaL9LUL6LJLiLixjSr+5RtwFWcllL4MllLXllL8llLtllLYllLW7FxC7:+CYuL9LUL6LJLiLIM+FGWcllL4MllLXB

    Score
    8/10
    discoveryspywarestealer

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks