General

  • Target

    0698b9f3be8e52c7fedc1ef6a3e491b0N.exe

  • Size

    591KB

  • Sample

    240721-y7e4ssshqd

  • MD5

    0698b9f3be8e52c7fedc1ef6a3e491b0

  • SHA1

    591545ffab3648b0481b8654e3a77a6ff2862316

  • SHA256

    363215a39173f4090adc088fdb2df5e7e13cc44673b24440e170a4c40ce2b7c6

  • SHA512

    04c542b35ac683a27eb36764e7003f7203e87f6e303aad97d0c14b242446892f57b58eb187800186840a339e209126ea5e28b6336f65c40072816fb21b066f45

  • SSDEEP

    12288:dXCNi9BFR0/lwUQ2rLQGuVAP3Qs4XKEOUbEmT4THR11sggo:oWo/lwUQqLQGanzXK9UbEmT4T71J

Targets

    • Target

      0698b9f3be8e52c7fedc1ef6a3e491b0N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
