Overview

overview

7

Static

static

1

July17_Pay...91.exe

windows7-x64

7

July17_Pay...91.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    July17_Payment43TR_D0812_U48927_H09824_W3892_K5087_F5902_DU8927_R491.exe

  • Size

    65KB

  • Sample

    240723-py3n3azgln

  • MD5

    ebc5b1b9de7fb4879942df86cf4ce4a9

  • SHA1

    39452fec146fc416e5ebf87c74f2a511c98c17c4

  • SHA256

    ffc6e70bcf390e203476846b96a577cdd6954d37723b97def0f725f8cbe859a5

  • SHA512

    7887a5a45ec3fe3a77abe7c97108b51b560f0e35e287ff1828a5f98cd0b28d9310dff160fc93cc93f05c70ac5c102a58ec99ca57bf2b1f1e8a280d828fb237c1

  • SSDEEP

    1536:VGTyzHn0XZXM1B9Xbd7+IY/rAO5HtKWak6YZeiH5:0TyM81DXNovHpak74Y

Score
7/10
collectionspywarestealer

Malware Config

Targets

    • Target

      July17_Payment43TR_D0812_U48927_H09824_W3892_K5087_F5902_DU8927_R491.exe

    • Size

      65KB

    • MD5

      ebc5b1b9de7fb4879942df86cf4ce4a9

    • SHA1

      39452fec146fc416e5ebf87c74f2a511c98c17c4

    • SHA256

      ffc6e70bcf390e203476846b96a577cdd6954d37723b97def0f725f8cbe859a5

    • SHA512

      7887a5a45ec3fe3a77abe7c97108b51b560f0e35e287ff1828a5f98cd0b28d9310dff160fc93cc93f05c70ac5c102a58ec99ca57bf2b1f1e8a280d828fb237c1

    • SSDEEP

      1536:VGTyzHn0XZXM1B9Xbd7+IY/rAO5HtKWak6YZeiH5:0TyM81DXNovHpak74Y

    Score
    7/10
    collectionspywarestealer

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks