General

  • Target

    879d687eebac6c0443ebc8c166cf9e79e4920eb8c3bbd4516167aa18fed21e30

  • Size

    3.1MB

  • Sample

    240809-bffvpatemr

  • MD5

    b4d40932afa14e71c1fceed22f33caef

  • SHA1

    80b86f31f55dc6ee7435a390e0f4256ff57d6532

  • SHA256

    879d687eebac6c0443ebc8c166cf9e79e4920eb8c3bbd4516167aa18fed21e30

  • SHA512

    d7743455ee0731ff1bab14aab499d1afa428c39cbb5a115cb069493c8ea070b3c48234ceaf74929800b81484209accfdc2a04cd28b75f71a819458365a94afcb

  • SSDEEP

    49152:+NEyYYC1hqiJckG38dBFOhg5/6qF3rjb/h4CNcTCP8xphzSNtOSe+aS:0EP1y3+0hgh6u/ZcTCP8BzONaS

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar sensitive data.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks