General

  • Target

    Shure64x.rar

  • Size

    85.9MB

  • Sample

    240808-baafqaxbpj

  • MD5

    d7f28ac8dbd44620cc63eea8906ad5d4

  • SHA1

    51a53d4f8f5170e8adcb95e1d48ee2c06c24bdbe

  • SHA256

    086cfceeba52ec0e5effd32321b9fdbcf7b3f674839b30749059e4275af08363

  • SHA512

    818d3610ff1494ba546740010b73d62cf020b3fd7751f5d1d414d9d6cae690ef40a35803753e6ff7ebe71c0c952dc1fd987fd05a9333fb48f6e550e7e1eebe1f

  • SSDEEP

    1572864:CM9izJ+CkO0TszUlwcJrWtoycneVvXeVClCR7U613bmSdw23vsIXsQRiY9AdM/kp:bMJ3kO0Tikw1oycnqvXe0Cx1JC20IcuE

Malware Config

Targets

    • Target

      Shure64x.rar

    • Size

      85.9MB

    • MD5

      d7f28ac8dbd44620cc63eea8906ad5d4

    • SHA1

      51a53d4f8f5170e8adcb95e1d48ee2c06c24bdbe

    • SHA256

      086cfceeba52ec0e5effd32321b9fdbcf7b3f674839b30749059e4275af08363

    • SHA512

      818d3610ff1494ba546740010b73d62cf020b3fd7751f5d1d414d9d6cae690ef40a35803753e6ff7ebe71c0c952dc1fd987fd05a9333fb48f6e550e7e1eebe1f

    • SSDEEP

      1572864:CM9izJ+CkO0TszUlwcJrWtoycneVvXeVClCR7U613bmSdw23vsIXsQRiY9AdM/kp:bMJ3kO0Tikw1oycnqvXe0Cx1JC20IcuE

    • Score

      3/10

    • Target

      Shure64x.msi

    • Size

      86.2MB

    • MD5

      58f442aa99f04239cb7d1da33bd89612

    • SHA1

      82d0c3a408ee9d235f8c6145ec1597eac3ec0fec

    • SHA256

      13aad31e3a1bec69fab1729867e6f7819d2741f7c7ef34cc789c8f195b641b91

    • SHA512

      e282f9d8a79581c9c0d8a220bfa0e28c899ab1d8e18072271fad54b218ef5d4ba886dde8b3d547dd1f625b2c66974805569e2186f9efb385ad0fd7d39913307f

    • SSDEEP

      1572864:sTg79nEDugaAModrO12nW/sCmFTJdtFHLAvHlYy3peYGg0IWM9f/QGsv:sE79IurAMerW/56Ndte2y3MgtWG/

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser credential store.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • An obfuscated cmd.exe command-line is typically used to evade detection.

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks