General

  • Target

    a1cf0516101e49bad13d5ba58a5e3880N.exe

  • Size

    1.4MB

  • Sample

    240721-k9md1azalj

  • MD5

    a1cf0516101e49bad13d5ba58a5e3880

  • SHA1

    7ced3493110e9154fa9c27957f0fd8d45628daca

  • SHA256

    c965e0ab308638998da0fb4ce4501ec94884842820cbf39d2a50d77a48fccf6f

  • SHA512

    7ecf8fdb6f566d139e7e94a35a2c31421c788d6e932f855c41abaabd3e24288bb811d77c2154856f6f483d5e1e820bb31609c23438a6518c0dcd8e484cdd7fe1

  • SSDEEP

    24576:oWEZnR+C9Ga//btY+JT8Z4YoNF4R8Lu2qeWBryCaVG/IYaXYoE+XZnnMp00LB5MA:VEZ8C9Z/bdZJrJuT3r3aVG/IY4YxqVMX
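To confirm that a locally held file is the sample this report describes, the following script (an added example, not part of the report or of the sandbox's tooling) computes the four reported digests in a single pass over the file and compares them case-insensitively with the values listed above. The file path is an assumed command-line argument; SSDEEP is left out because it needs the separate ssdeep library rather than hashlib.

```python
import hashlib
import io
from typing import BinaryIO, Dict

# Digests reported for the sample on this page.
REPORTED: Dict[str, str] = {
    "md5": "a1cf0516101e49bad13d5ba58a5e3880",
    "sha1": "7ced3493110e9154fa9c27957f0fd8d45628daca",
    "sha256": "c965e0ab308638998da0fb4ce4501ec94884842820cbf39d2a50d77a48fccf6f",
    "sha512": "7ecf8fdb6f566d139e7e94a35a2c31421c788d6e932f855c41abaabd3e24288bb811d77c2154856f6f483d5e1e820bb31609c23438a6518c0dcd8e484cdd7fe1",
}


def digests(stream: BinaryIO, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Compute every digest named in REPORTED with one pass over the stream.

    Reading in chunks keeps memory flat for large samples; each chunk is fed
    to all hashers before the next one is read.
    """
    hashers = {name: hashlib.new(name) for name in REPORTED}
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digests_of_bytes(data: bytes, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Convenience wrapper for in-memory data (used for testing)."""
    return digests(io.BytesIO(data), chunk_size)


def compare(actual: Dict[str, str], expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match; hex case is ignored and a missing digest counts as a mismatch."""
    return {
        name: actual.get(name, "").lower() == value.lower()
        for name, value in expected.items()
    }


def verify_file(path: str, expected: Dict[str, str] = REPORTED) -> Dict[str, bool]:
    """Hash the file at `path` (assumed argument) and compare with the reported digests."""
    with open(path, "rb") as f:
        return compare(digests(f), expected)


if __name__ == "__main__":
    import sys

    result = verify_file(sys.argv[1])
    for name, ok in result.items():
        print(f"{name:6} {'OK' if ok else 'MISMATCH'}")
    sys.exit(0 if all(result.values()) else 1)
```

Run it as `python verify.py a1cf0516101e49bad13d5ba58a5e3880N.exe`; a non-zero exit on any mismatch makes it safe to use in a triage pipeline.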

Targets

    • Target

      a1cf0516101e49bad13d5ba58a5e3880N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser profile data, which can include saved credentials and other sensitive data.

    • Adds Run key to start application

      A registry Run key launches the referenced program at each logon, a common persistence mechanism.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

      Writing into System32 normally requires administrative privileges, so a successful drop suggests the sample ran elevated.