General

  • Target

    cd9740a1b585210372bd0a76fb95809accb5be163e311a4ec05c7d25e7e50f17

  • Size

    1.5MB

  • Sample

    240812-cwxntavgqc

  • MD5

    2afe2636fe5889617878219abf1b9d00

  • SHA1

    8da343796485805f863d02f844e543a6a67127e9

  • SHA256

    cd9740a1b585210372bd0a76fb95809accb5be163e311a4ec05c7d25e7e50f17

  • SHA512

    cec6e9ab4c0a578756dbf05d53f0462c7dd950e43860b66238c0f2abcd49eb369af1e29f745451ed5ac4fced9fd81e076c7b32fdc32f0bfc42a6aced69173817

  • SSDEEP

    24576:8GmZbMDi1W7bwDNWHRlMugdD+JsRgZRJ4fM430Eg6nET7M/IiN:JmiDfIDQxlMPdlR8v4UC0Eg6ET7M/I

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks