General

  • Target

    41d9da36ee62a48e71532655c5c2ea20N.exe

  • Size

    652KB

  • Sample

    240818-hb1sma1ana

  • MD5

    41d9da36ee62a48e71532655c5c2ea20

  • SHA1

    4ed5fbd42073a4e460dc14473473bb1ae04e4bad

  • SHA256

    a4b333ba9c922d839744981725cc13851f85ebbdfb56b491ffdeaa04bf1a57c1

  • SHA512

    4842d6c21d5f1d1c75af241782078dc3408a17ce10695bdf747a7ea927589506f16f7bc20dadb64a8948f3340b770b520b0ccadfe12559ac7cfc8b85a692c062

  • SSDEEP

    12288:dXCNi9BGJMsa7l8zoAmuRCJfrcWnkyI25awbxLmdU9Y+b+CugE8biPin6fLYRn:oWstalEBRCJ3/5XE1ME8+iniMRn

Malware Config

Targets

    • Target

      41d9da36ee62a48e71532655c5c2ea20N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks