General

  • Target

    b92b325725b1efd44ccdbbfde072b840N.exe

  • Size

    1.2MB

  • Sample

    240807-nx7qys1gqb

  • MD5

    b92b325725b1efd44ccdbbfde072b840

  • SHA1

    3c0df570b7c8d268422840e3e39afda25d7c71e5

  • SHA256

    37382933ddeaefe8cc80a41ce5ff7b26a0c009bc65fc7e95763fca1b61b41b94

  • SHA512

    02b3f3283da21c7337581b4033cc45a66fb9b34f0a7d5cbeb1376ee8524a38df9a27d7b95cbbf259c1ac12c60833a4984fb14ca11f8408d7c4f91a5c886dcb46

  • SSDEEP

    24576:oWLJPwRN70dr9+IKSbwhkgL+VR7ixd9mPD/wX7BpLlgPqw8HCcT:V9w7odrkSwhrA7iNeDclQqlHCcT

Targets

    • Target

      b92b325725b1efd44ccdbbfde072b840N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
