General

  • Target

    05845e3aad95b09a777b9285e7bb9d60N.exe

  • Size

    693KB

  • Sample

    240801-1ca8ga1dle

  • MD5

    05845e3aad95b09a777b9285e7bb9d60

  • SHA1

    648cb8c7eaf98e9c507e08656cb78cbd78c982dc

  • SHA256

    72efca1e53608a331a71ed39dd28e6955708a4e9a7cbd72d6bb116a19d6864eb

  • SHA512

    883e79f829bd27fb3ecf48cf6bf42f1f1aad0755085e38d5e75d8c84d586330fe1bb5ff7c2c83786a0a65293f2f1c8e48bd7dd22d2668d97d97344d2f01e6b84

  • SSDEEP

    12288:dXCNi9B/NqSJIwuZ4CVMPfG6VZSeNbn3Zwa3XAeTSh4yu4Nenne6iqVoScPJeD:oWm4tPfG6x3weL4Nee67iu

Targets

    • Target

      05845e3aad95b09a777b9285e7bb9d60N.exe

    • Size

      693KB

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
