General

  • Target

    44a9dec96da6b0c66ffca95f0f035830N.exe

  • Size

    715KB

  • Sample

    240723-bzp8gazhqp

  • MD5

    44a9dec96da6b0c66ffca95f0f035830

  • SHA1

    57ca66b03359636b48d3573c25e0c08b041965af

  • SHA256

    2e3ee5b0f42266afe56c4360343d8c045957c2752e42ba90eee283a0e773f6fd

  • SHA512

    baa637309f2fc52682b7750f341307f6f6e8cb52b268449fea116a2f5608349dd19ab5cc7966d9551f3100fb09cf4f7a51323fb2085eb815f7924ebae7253aba

  • SSDEEP

    12288:A//vi9BDsCWMmgHJ1ung5OFjGo338Nl647ipmVA73GGa7yqelY5Oek+2yip+Gq4w:2wD8Mp1ungKGo3MNl6kE3GGa4lY5OeBV

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks