General

  • Target

    3412db6da04148571a3b345e12f0c7b19517fafdf4d22eeafd777668697e489a

  • Size

    790KB

  • Sample

    240722-yyfzqswara

  • MD5

    70201f7f18a9519532e06112223bb302

  • SHA1

    f287c0c960646c8f1469723916a2a0f8d4576e9d

  • SHA256

    3412db6da04148571a3b345e12f0c7b19517fafdf4d22eeafd777668697e489a

  • SHA512

    de35963ea48aa079f86898e3b5ec7a5c6168d117e5aeea248aab6ab2fbf30949e98d61a6b2b48812151a14e2c29b1e74c6dc7d49a31200cc5372e8445e29d8f4

  • SSDEEP

    24576:oWc0QE0fry7aS7Dog7Mg1XvdkkseLv39gU:V7Q7zymS3ogPgeLmU

Targets

    • Target

      3412db6da04148571a3b345e12f0c7b19517fafdf4d22eeafd777668697e489a

    • Checks computer location settings

      Reads the country code configured in the registry, most likely as a geofence check before the payload runs.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Adds Run key to start application

      Persistence: a value under a Run registry key relaunches the application at logon.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
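The behaviours above translate directly into host-side checks. The following Python is an added example written for this page, not code from the report or from the sandbox vendor: it computes the same four digests the report lists so a file can be compared against them, then runs two detections over a constructed Sysmon-style event timeline, one for a Run-key write and one for a file dropped under System32 by a process that does not itself live under C:\Windows, and correlates the two by PID. The event field names, the sample timeline and the path conventions are assumptions for illustration; only the hashes come from the report.

```python
"""Host-side checks derived from the behaviours listed above.

Added example, not part of the sandbox report or of the sandbox vendor's code.
The file hashes are copied from the report; everything else (the Sysmon-style
event shape, the sample timeline, the path conventions) is assumed for
illustration.
"""
import hashlib
from pathlib import PureWindowsPath

# Digests exactly as the report lists them (lower-case hex).
REPORT_IOCS = {
    "md5": "70201f7f18a9519532e06112223bb302",
    "sha1": "f287c0c960646c8f1469723916a2a0f8d4576e9d",
    "sha256": "3412db6da04148571a3b345e12f0c7b19517fafdf4d22eeafd777668697e489a",
    "sha512": "de35963ea48aa079f86898e3b5ec7a5c6168d117e5aeea248aab6ab2fbf30949e98d61a6b2b48812151a14e2c29b1e74c6dc7d49a31200cc5372e8445e29d8f4",
}


def hashes_for(data: bytes) -> dict:
    """Compute the four digests the report lists for an in-memory file."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_IOCS}


def matches_report(data: bytes) -> bool:
    """True only if all four digests agree with the report.

    Comparing every digest rather than MD5 alone means a chosen-prefix MD5
    collision cannot produce a false match.
    """
    return hashes_for(data) == REPORT_IOCS


# --- behaviour checks over a Sysmon-style event stream ----------------------
# Assumed event shape: id 11 = FileCreate, id 13 = RegistryEvent (value set),
# with the fields Sysmon would populate (pid, image, target, details).

RUN_KEY_MARKER = "\\microsoft\\windows\\currentversion\\run\\"
WINDOWS_DIR = "c:\\windows\\"
SYSTEM32_DIR = "c:\\windows\\system32\\"


def _norm(path: str) -> str:
    """Normalise slashes and case so prefix checks are reliable."""
    return str(PureWindowsPath(path)).lower()


def run_key_writes(events: list) -> list:
    """'Adds Run key to start application': any value set under a Run key."""
    return [e for e in events
            if e["id"] == 13 and RUN_KEY_MARKER in e["target"].lower()]


def system32_drops(events: list) -> list:
    """'Drops file in System32 directory', restricted to writers that do not
    themselves live under C:\\Windows (the OS and installers do this legitimately)."""
    return [e for e in events
            if e["id"] == 11
            and _norm(e["target"]).startswith(SYSTEM32_DIR)
            and not _norm(e["image"]).startswith(WINDOWS_DIR)]


def correlate_persistence(events: list) -> list:
    """Chain the two behaviours: the same PID drops a file into System32 and
    then points a Run key at that file. Returns the Run-key events involved."""
    dropped = {(e["pid"], _norm(e["target"])) for e in system32_drops(events)}
    return [e for e in run_key_writes(events)
            if (e["pid"], _norm(e["details"])) in dropped]


# Constructed timeline (not from the report): one malicious chain, one benign
# installer writing its own Run key, one OS process writing under System32.
SAMPLE_EVENTS = [
    {"id": 11, "pid": 4120, "image": r"C:\Users\victim\Downloads\invoice.exe",
     "target": r"C:\Windows\System32\svchost32.exe"},
    {"id": 13, "pid": 4120, "image": r"C:\Users\victim\Downloads\invoice.exe",
     "target": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "details": r"C:\Windows\System32\svchost32.exe"},
    {"id": 13, "pid": 812, "image": r"C:\Program Files\Vendor\setup.exe",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorAgent",
     "details": r"C:\Program Files\Vendor\agent.exe"},
    {"id": 11, "pid": 1304, "image": r"C:\Windows\System32\msiexec.exe",
     "target": r"C:\Windows\System32\vendor_helper.dll"},
]


if __name__ == "__main__":
    for e in correlate_persistence(SAMPLE_EVENTS):
        print(f"pid {e['pid']} ({e['image']}) persists {e['details']} via {e['target']}")
    print("constructed bytes match report:", matches_report(b"not the sample"))
```

Running the script reports the single correlated chain in the constructed timeline (pid 4120) and leaves the benign installer's Run key and msiexec's System32 write unflagged. The Run-key marker deliberately does not match RunOnce or Wow6432Node paths; those need their own markers if you extend it. SSDEEP comparison is left out because it requires the ssdeep library rather than the standard library.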
