General

  • Target

    cf967b3031ba56f78265a81329d151d91ba77672f5d534d29812cd2ef67dece4

  • Size

    3.1MB

  • Sample

    240818-3f8z1stgnr

  • MD5

    e8d78eee6de21b9a463845d03e76243d

  • SHA1

    f6baf87425cea76716b54e2681d9c4d4c9fc53de

  • SHA256

    cf967b3031ba56f78265a81329d151d91ba77672f5d534d29812cd2ef67dece4

  • SHA512

    559e9d61a8a6de08e52e4c870a46bfef2ebe21e630602b8bc923b4710481bfc10dcd0300cabfa0e4c41e50351859dd2b4910006d4849fe703459587dcdfdaa7e

  • SSDEEP

    49152:lVAbw8VyRPkVwSdyKE6a8anqApzEVZnk8m0Uf89+zvi1QXsy4TpM+DWUl+n1aso:TA7VyRPS7MLq4ykF09+riyXWz6Ha

Targets

    • Target

      cf967b3031ba56f78265a81329d151d91ba77672f5d534d29812cd2ef67dece4

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
