General

  • Target

    b915e29511bca5464d48d09cd470c3c53f088ccf69cef12006ecc881e1223918

  • Size

    484KB

  • Sample

    240812-byc7hsygjr

  • MD5

    2faf23fffb225b9b6fadbc7b977b0575

  • SHA1

    afbb5655819f39fab2c41c1be7a8146727e563d4

  • SHA256

    b915e29511bca5464d48d09cd470c3c53f088ccf69cef12006ecc881e1223918

  • SHA512

    dccdd9236987b6accd2e1ef20f376a4d91124f73f9c46286d9118719f9807f06668417c295918b709f87a533ae9427abc34498a607b971b9adf61cdd726d493a

  • SSDEEP

    12288:dXCNi9BIY/EKxKbbzHsfMAFBBVWi1goXsa7w1hrvJ:oW51Kb3M0ABVJ6KPw1hh

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar profile contents.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks