General

  • Target

    04ba7616f4ca8ac670a19e95d254a880N.exe

  • Size

    3.1MB

  • Sample

    240819-q9acbsxgna

  • MD5

    04ba7616f4ca8ac670a19e95d254a880

  • SHA1

    0ab04098707732ede51e331b3868479ce3fa8921

  • SHA256

    13bd4a150c33479ee5248f0c8490764601ee5042289d674ade48563f60c16217

  • SHA512

    27d2c815f22f5884d4e04e8c29d8464f77426709e2f68d6688a8457156d88835a9265fa11e9e7b582fe5ea1da4588d90229e2ac3bf223fb20b8944aea1bea49d

  • SSDEEP

    49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBJ9w4Su+LNfej:+R0pI/IQlUoMPdmpSpF4JkNfej

Targets

    • Target

      04ba7616f4ca8ac670a19e95d254a880N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other profile information.

    • Adds Run key to start application
