General

  • Target

    50274704e47857f24520e7611f93cc90N.exe

  • Size

    1.4MB

  • Sample

    240720-fklzqaxckr

  • MD5

    50274704e47857f24520e7611f93cc90

  • SHA1

    d886ec96d10aeaa474c4b203e494154cd506179b

  • SHA256

    04bb2f0d7a5003409843cd6d6564dea0d5129565dc9bfe9c55c4f86e66a7789a

  • SHA512

    ca7350b9d1b31218c7432c4ece9e1abb885d027c3710744d384f596b4c5e23e736e698249162dfe46f4ea28c94fc4eb55bf6ba5eee8db747a0457357ad9e3172

  • SSDEEP

    24576:oWKRFPeo7fqdcZZ1EnfqxQ5yZn5neLerZtbEzPgx53toXj4uH+Ux+IWrQNugdAb4:VKbXLjr1E5yZ5/VtbKgD9ozfjJskAcV3

Targets

    • Target

      50274704e47857f24520e7611f93cc90N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
