General

  • Target

    2c6c10483ac744eca0c4050a82ab08f0N.exe

  • Size

    3.0MB

  • Sample

    240818-p84n4sxcjn

  • MD5

    2c6c10483ac744eca0c4050a82ab08f0

  • SHA1

    bb3d8687ea94d60e52ef1b58c429ed39d17f342d

  • SHA256

    5160cd352a0f25b6236f1e2b99854f80dfdd564e31a5da366121017407af5c65

  • SHA512

    fefda4e996ca1fd4beff65b48c90c5640bf52982674a4a7be8f688cd0d990e237994028ff2ded3e65e3c37d0447729f54a00ce5015701a1d20a20264c8012972

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBFB/bSqz8b6LNX:sxX7QnxrloE5dpUpCbVz8eLF

Malware Config

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks