General

  • Target: 9685165a0671d9571420d4d3290f6ae0N.exe
  • Size: 2.6MB
  • Sample: 240821-t87g8ashmr
  • MD5: 9685165a0671d9571420d4d3290f6ae0
  • SHA1: a3fa639237e701401f5ec5a83277b49d504b3fc3
  • SHA256: e3352c204245b7ab73c3b1210b8cdb6d0b779cc5820996a509b64ca5a608902b
  • SHA512: 7bfbf62cc524bea401b89f00b368004032fdef1feb3013c96cf205e836614b069fc6b6790bcec2a93d7a017b38aa52511b4bec1b809de1fc4573f878bb5173e7
  • SSDEEP: 49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBpB/bS:sxX7QnxrloE5dpUpab

Malware Config

Targets

    • Target: 9685165a0671d9571420d4d3290f6ae0N.exe


    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks