Overview

overview

7

Static

static

3

4a890237c7...0N.exe

windows7-x64

7

4a890237c7...0N.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4a890237c7fb50d7f67d243df6e1bc60N.exe

  • Size

    1.8MB

  • Sample

    240814-n9bjaawbrj

  • MD5

    4a890237c7fb50d7f67d243df6e1bc60

  • SHA1

    edd3c27a074c68f2a7226aab8fdfc74c9c806104

  • SHA256

    b72f3a8e6f23b84de1010b5894394169f7cbe0098107ef9491e85f72bb4c16c4

  • SHA512

    e8e06ac0d8ce7d963dd693d494447ce6cb497bdd0de138fe144b7916f28c2b133d7422ccd8a678ff0530c3b3fe4ff1f0af609356c3141e0f8e73f3ba2fe0a300

  • SSDEEP

    24576:oWvJWAoUE6ZukGE6/ODVROBJS3emtTJ4Hcj4m7beEx9+fFukjjrz4Ka3Qbljp+DE:Vx7o6uC6/sROeumPucjZeukAcljORrzi

Score
7/10
discoverypersistencespywarestealer

Malware Config

Targets

    • Target

      4a890237c7fb50d7f67d243df6e1bc60N.exe

    • Size

      1.8MB

    • MD5

      4a890237c7fb50d7f67d243df6e1bc60

    • SHA1

      edd3c27a074c68f2a7226aab8fdfc74c9c806104

    • SHA256

      b72f3a8e6f23b84de1010b5894394169f7cbe0098107ef9491e85f72bb4c16c4

    • SHA512

      e8e06ac0d8ce7d963dd693d494447ce6cb497bdd0de138fe144b7916f28c2b133d7422ccd8a678ff0530c3b3fe4ff1f0af609356c3141e0f8e73f3ba2fe0a300

    • SSDEEP

      24576:oWvJWAoUE6ZukGE6/ODVROBJS3emtTJ4Hcj4m7beEx9+fFukjjrz4Ka3Qbljp+DE:Vx7o6uC6/sROeumPucjZeukAcljORrzi

    Score
    7/10
    discoverypersistencespywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks