General

  • Target

    50671fe5a08ce927be83ce02cc151020N.exe

  • Size

    3.6MB

  • Sample

    240726-y71qhasfqn

  • MD5

    50671fe5a08ce927be83ce02cc151020

  • SHA1

    261affaab1c258e4c0ea175eb5a8e6fb94db525c

  • SHA256

    77d87be7e52fa7d8e6fe95da9879f3f76a6aef416a9b2823edee5ffd049fb982

  • SHA512

    dd52ff8325fd85fcd49e1d5c8ca112cc502cc090492881f6eb7baaa25fcea67c391e7b43999f94da38205904fb76d0fc07e0e4a93d1c2046f6fc5662d8f25ba0

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB6B/bSqz8:sxX7QnxrloE5dpUplbVz8

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
