General

  • Target

    2eed74cd503e38782d4afbebfa4de190N.exe

  • Size

    1.5MB

  • Sample

    240719-azw6cavbjq

  • MD5

    2eed74cd503e38782d4afbebfa4de190

  • SHA1

    6308fa5315514821578138490e9ad6ee585b55f1

  • SHA256

    c7919c1f8d52d523c453674b09c8ae7edd5d13dd3ccbf45a1c86b25a66539b06

  • SHA512

    eda7e206d77db21da399a3bee493e5a78a6af0219ae0f767e7952d8de1fbac6082804956ee317978b60f32f6f64d5ad47b6ea791be3b232a2e17d4fe2ef5f171

  • SSDEEP

    49152:hUy4SDram6z/fNyznFK3c8uajCRvIiFshCJQr:qyMm6zNyz+gJAiOkQr

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely for a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile contents.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks