General

  • Target

    af14d305c0cf5f533e9bfba2aa4f8930N.exe

  • Size

    581KB

  • Sample

    240726-kp9nss1erf

  • MD5

    af14d305c0cf5f533e9bfba2aa4f8930

  • SHA1

    2f9c17909651cc8228050cafd5c3e23b2f288eb5

  • SHA256

    d3c1b1481e62d73d3d21fce30a69933ee797dd16f2b4c03c540dc797166653fd

  • SHA512

    ff164d42e7f2cabc02b0226f27524ced0c9124a3bd28e5d28c42303c20fbd6c4869530c82d00230e91cdf1de8b21e48f3d85daa4c2b342da8bb97bc934c181e1

  • SSDEEP

    12288:A//vi9BbG84iWhq5JGggUC72f7Sa1qfawpLGjSETDUbHnhPqtxq2L86:2wqsyqm26fg5TDU7BqtfL7

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks