General

  • Target

    5698029d478085129b6cba869b0346c0N.exe

  • Size

    513KB

  • Sample

    240716-dcqxlavang

  • MD5

    5698029d478085129b6cba869b0346c0

  • SHA1

    51d3964e44601a889cd880b8c56ea41ef9fa7026

  • SHA256

    64b97a17718ec3512ca9971a9f899094c7031155998bdf32bccb17f58de447a3

  • SHA512

    7581c3de4f2a2694a28abdabb2ce1006fffcab91b32bf668e95b9ebc75cca2324d43219d79728677b6cc5778b2fcb9f16c1a8995307e59e8e73bc2b47bc32498

  • SSDEEP

    12288:/n8yN0Mr8ZoOzOgNU2W5SSqRsy4kBf9NMy9o:vPuZoEp22W5SbBfTq

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15