General

  • Target

    334a895a45ff3ac3e49915e475759e20N.exe

  • Size

    1.6MB

  • Sample

    240719-be1tgavhjk

  • MD5

    334a895a45ff3ac3e49915e475759e20

  • SHA1

    425e3b9b5fbbeb45995a197a023902515613c30d

  • SHA256

    a1392d33f239d0ea0977e9c9d0748af317b2c17817a650e70d9d1b878bd575bb

  • SHA512

    52547930dff2e0572b3d002e7a511f63e211367239675a411e75ed8a8dce7b24ed2974fc2f6cfb3d8f6646e178902c3f6965aa5aed49456e597ec12c5f5e1783

  • SSDEEP

    24576:lq8YDDOXndic1syrMwPGU++ajUoNQEHZrIIHi7CLe44qP8RbhYAVUA1p6v:JNmJwPS+MUoNNNHiF30g1Mv

Targets

    • Target

      334a895a45ff3ac3e49915e475759e20N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
