Overview

overview

8

Static

static

3

811f1e3027...4b.exe

windows7-x64

7

811f1e3027...4b.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    811f1e302748ec7d55a725e69d66710de35331c218fde8da9a33f89ccf5e7e4b

  • Size

    3.1MB

  • Sample

    240817-ayd85swhqe

  • MD5

    43f40c71f24d69525ef294d79051f341

  • SHA1

    5ac2d14a1e6be097ab26739a735846a163478bb2

  • SHA256

    811f1e302748ec7d55a725e69d66710de35331c218fde8da9a33f89ccf5e7e4b

  • SHA512

    1349582a979b02adbeebc0cb59e86ffea83b598595307c4417ceadc75e7bf7f51ee2e62a39e1138f309923529796f1d6ef005c3b03a2a1f527f351eaa26608bd

  • SSDEEP

    49152:IVAbw8VyRPkVwSdyKE6a8anqApzEVZnk8m0Uf89+zvi1QXsy4TpM+DWUl+n1aso:EA7VyRPS7MLq4ykF09+riyXWz6Ha

Score
8/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      811f1e302748ec7d55a725e69d66710de35331c218fde8da9a33f89ccf5e7e4b

    • Size

      3.1MB

    • MD5

      43f40c71f24d69525ef294d79051f341

    • SHA1

      5ac2d14a1e6be097ab26739a735846a163478bb2

    • SHA256

      811f1e302748ec7d55a725e69d66710de35331c218fde8da9a33f89ccf5e7e4b

    • SHA512

      1349582a979b02adbeebc0cb59e86ffea83b598595307c4417ceadc75e7bf7f51ee2e62a39e1138f309923529796f1d6ef005c3b03a2a1f527f351eaa26608bd

    • SSDEEP

      49152:IVAbw8VyRPkVwSdyKE6a8anqApzEVZnk8m0Uf89+zvi1QXsy4TpM+DWUl+n1aso:EA7VyRPS7MLq4ykF09+riyXWz6Ha

    Score
    8/10
    discoveryspywarestealer

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks