General

  • Target

    Dis-Tools.exe

  • Size

    30.0MB

  • Sample

    240719-d9qcbsvaqh

  • MD5

    927168b7f5c3d2e2a1ab73c50cf596d6

  • SHA1

    0de549a4af7139ebb319d897c22e9438f3f534e3

  • SHA256

    30a52bcd54eb2801ee41a4f2014a638b9ef171dd652af570642e5ff5c23775f9

  • SHA512

    151d9286d1c5dfcb8ff7ffd3ba672d3af66a5c1dfeb3c7126893869dd8a4f3b22ed43255953f3650782fd317000775fc803a2c1c592994a34d5d3f388ea89a29

  • SSDEEP

    786432:2n9OQvkXK2KvIeVrrESWqEehPAJF6Tsjrw0:YOQvAKpvIeVrkq2H6Twt

Score
7/10

Malware Config

Targets

    • Target

      Dis-Tools.exe

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks