General

  • Target

    414ffdae54c746f2fa7e337d360a3230N.exe

  • Size

    440KB

  • Sample

    240716-bgfajsxhlj

  • MD5

    414ffdae54c746f2fa7e337d360a3230

  • SHA1

    15a98e30c7a9d8e475dda9de669855a4d1633876

  • SHA256

    48105aef292d588ed90cd2e2eb1c175feb637e0f5a9222ac2218c7c1c0826c25

  • SHA512

    7b2fc5bfc714095b044cd4d13e8775754d25d4d7f1f450b909dfa451a90b7d29eda241487352c86833e8c60ee32a149c4167a7259ada1a5826ca96d6ac624039

  • SSDEEP

    12288:dXCNi9BwrQCQ95um3QLhc89+H7C7w2vtx3VKB/vTLG46/Mfm:oWw9QCfl1hvDlm/m

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other profile data.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks