General

  • Target

    4d4fe7470740795c03a1e44fda668960N.exe

  • Size

    1.2MB

  • Sample

    240818-f5syrsxhpa

  • MD5

    4d4fe7470740795c03a1e44fda668960

  • SHA1

    4912e5db75f32431d45fe4f83c5ed77c9bd3aa32

  • SHA256

    be25a7675a49d760ec46d2dd9b51c1ad32b7907400155f252d9104db4f8f0573

  • SHA512

    ca9e8438641b5f90b3dec897935f3911d091a77727f832704d53443d39bc97ad64ede07443faae2f7be418f5f8c1f8cb4b3cf94fdbeb6eda56071aa44a9ed4c1

  • SSDEEP

    24576:JmBkxvqWZNIWHziUuWFxPfuKxBeJut16jegv2Dugw6ER2lYC0T7Bn0V+Z:JI+fzupKPeJu16J8GW0T7BbZ

Malware Config

Targets

    • Target

      4d4fe7470740795c03a1e44fda668960N.exe

    • Size

      1.2MB

    • MD5

      4d4fe7470740795c03a1e44fda668960

    • SHA1

      4912e5db75f32431d45fe4f83c5ed77c9bd3aa32

    • SHA256

      be25a7675a49d760ec46d2dd9b51c1ad32b7907400155f252d9104db4f8f0573

    • SHA512

      ca9e8438641b5f90b3dec897935f3911d091a77727f832704d53443d39bc97ad64ede07443faae2f7be418f5f8c1f8cb4b3cf94fdbeb6eda56071aa44a9ed4c1

    • SSDEEP

      24576:JmBkxvqWZNIWHziUuWFxPfuKxBeJut16jegv2Dugw6ER2lYC0T7Bn0V+Z:JI+fzupKPeJu16J8GW0T7BbZ

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser credential store.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks