General

  • Target

    86aa45430a4510bf0704d1f5ed7da4897af77d35c74d3898bd240b706a2a6dea

  • Size

    3.0MB

  • Sample

    240726-ab6pwatcql

  • MD5

    da5bb53f6741213abe8f596ded7f5530

  • SHA1

    fcc2e1a8953d9c1ec70c2cb205999090f581d0d9

  • SHA256

    86aa45430a4510bf0704d1f5ed7da4897af77d35c74d3898bd240b706a2a6dea

  • SHA512

    2d449357c1a9299e14be8bff678cbc7cb3c9ac6a8c9ebf62dffa0be66242025bb33036308780e1387ecee7b068941aa71fcc4dc422513efeda01180a6e20fe97

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB0B/bSqz8b6LNX:sxX7QnxrloE5dpUpnbVz8eLF

Malware Config

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks