General

  • Target

    08e6cebc542e68c4fe8e1491ec6a2a50N.exe

  • Size

    355KB

  • Sample

    240817-p2j15awemc

  • MD5

    08e6cebc542e68c4fe8e1491ec6a2a50

  • SHA1

    dec88ca2635514e13927442727113dbe78a612c5

  • SHA256

    5980441b5286f2292b435943e288ba31a91c7dcddcf84a5555b9ba63a85d2c3a

  • SHA512

    23683bb592299a91b2616c7738f823737b7a1c754490b5cf32add36c464b7a0be755101762f1aeff4d2994457ac02a15e7f5eb0c6e44363342f1c137d0f6467d

  • SSDEEP

    6144:OWY9TmR4qxs3NBB5sSbSu17H6w96rvPD2P3FCanYP8PX8k5OcN8XDtLHAwZ/zn5w:OWji9BF/76q6WP3gan0VOIdHAwZ9VEFx

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
