General

  • Target

    42a83677bfead1185efc73991e3d6e4fbb21910de04aa72514981bf2ea96fef6

  • Size

    3.1MB

  • Sample

    240821-1m1k4swcqp

  • MD5

    c2ba9f252d93d245f4cd9f7e72a7ed25

  • SHA1

    d6b2e1c67037644c6aee4e46542e9de4ad746c3b

  • SHA256

    42a83677bfead1185efc73991e3d6e4fbb21910de04aa72514981bf2ea96fef6

  • SHA512

    29ad4725d928a41de32f419cfab2053bc058a7622023f77b8b6e4e80238f24106305703e30a521e8b8290d595cdab442dc930924eb2dd466997d43aae8b7ed18

  • SSDEEP

    49152:aNEyYYC1hqiJckG38dBFOhg5/6qF3rjb/h4CNcTCP8xphzSNtOSe+aS:gEP1y3+0hgh6u/ZcTCP8BzONaS

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile contents.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks