General

  • Target: d5a0ded12bb4556f852b84938135b540N.exe
  • Size: 1.4MB
  • Sample: 240725-q4d4bsvcrh
  • MD5: d5a0ded12bb4556f852b84938135b540
  • SHA1: f525d096ad2a635e70b62ba3709184dffd83ea30
  • SHA256: 45434744967b5f335b461d45e1fb4370dea8b99294dada8f08fd74294e4c3108
  • SHA512: 63473a3682317715d96998a30aedfcc8b3dccd0d70190cee963fafffdf7c4e752b3610894f21c1fa608e07ab292b54fe4ffb66087bde8f065458148a6310bf88
  • SSDEEP: 24576:2wmTqMs39jG/OtQHFL367tK9x9tyMpSTq7pIaQS0VAjI4rSWdoFb7pDkLVa:hgIweaFr67tq9nSTA6o0VeIsSWCFb7pv

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory