Overview

overview

9

Static

static

3

5d44d931b2...0N.exe

windows7-x64

9

5d44d931b2...0N.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5d44d931b2aab85ab66c3806c6aca850N.exe

  • Size

    4.0MB

  • Sample

    240820-t8vhnawgpl

  • MD5

    5d44d931b2aab85ab66c3806c6aca850

  • SHA1

    fc51cbe724e9be94a9a3ab061c4693c75324d41b

  • SHA256

    b31f9d02c756e95a2eba310bf583e3a0cf97cfab0668751c7ccb6f9197824d34

  • SHA512

    a38306f47ad955bc5fd0d9dd6d32dd4ceb8979a2bd6a9ac53874c6e0e25fd3705737fa73554a2cc4d5a67cb31fe7695f7379696a3f7dea7a6e537900c8310f37

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB0B/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUp7bVz8eLFcz

Score
9/10
credential_accessdiscoverypersistencespywarestealer

Malware Config

Targets

    • Target

      5d44d931b2aab85ab66c3806c6aca850N.exe

    • Size

      4.0MB

    • MD5

      5d44d931b2aab85ab66c3806c6aca850

    • SHA1

      fc51cbe724e9be94a9a3ab061c4693c75324d41b

    • SHA256

      b31f9d02c756e95a2eba310bf583e3a0cf97cfab0668751c7ccb6f9197824d34

    • SHA512

      a38306f47ad955bc5fd0d9dd6d32dd4ceb8979a2bd6a9ac53874c6e0e25fd3705737fa73554a2cc4d5a67cb31fe7695f7379696a3f7dea7a6e537900c8310f37

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB0B/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUp7bVz8eLFcz

    Score
    9/10
    credential_accessdiscoverypersistencespywarestealer

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

      credential_accessstealer

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.