General

  • Target

    349983b7e0e6c22ac0affc900bc89e10N.exe

  • Size

    1.8MB

  • Sample

    240719-blbg6awbkk

  • MD5

    349983b7e0e6c22ac0affc900bc89e10

  • SHA1

    d44284da674e6ccff8bdde6e4e1dd12f1fa81456

  • SHA256

    273886e844c3d90e6ebd951c6f528070318b3d3a8a08d0b35ae428913043757c

  • SHA512

    dd7c2d39aa3101e4dfaa5fc1b0f29194df805d66859edb23a8eac284c47c1d3f8950590024aac9a678c3fbaf2ae90ee4fe6f4e04b00aa41bab80013a5664d3c7

  • SSDEEP

    49152:V73lKQMrBHj6sGeagCrKqX+bflZapl4sgFnP7YEM+Uc:u1HjXGejCOli0sQ4c

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
