General

  • Target

    a4f125d0870d05b89efecd3b6c6e4e7629f07a8c3f64c008fa6f283c2bf695f7

  • Size

    2.0MB

  • Sample

    240818-21syvszdld

  • MD5

    b5658f8e51ee93bfd11aab9341dbb4e6

  • SHA1

    94b7d8959af9734743b28393774b2553e3884d7f

  • SHA256

    a4f125d0870d05b89efecd3b6c6e4e7629f07a8c3f64c008fa6f283c2bf695f7

  • SHA512

    8530b12dca895ea45c2b7c570666dfb27f675782f5b06895c81db97f34b96303e7d532fc56ddafa0adcdce5e0ee354ef72bb8cd6d8c74dc03cbfb66e3be50c76

  • SSDEEP

    49152:nVAbwuGwKOco09gsJcxlV8fTguPOAItUIrhO5Ov:VApQx5+Mc27g9tfoMv

Malware Config

Targets

    • Target

      a4f125d0870d05b89efecd3b6c6e4e7629f07a8c3f64c008fa6f283c2bf695f7

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks