General

  • Target

    file.exe

  • Size

    3.1MB

  • Sample

    240822-mvjexasfjg

  • MD5

    1c7ebcdade13eebb33b4efda3a9ee280

  • SHA1

    6dd022afc1ecdee926663cdf51942d197c38e6fb

  • SHA256

    9ae0469bb6518417e8cf3e431550f4ee21130757fbea543a639fff11c836e357

  • SHA512

    b24c3f7a7eb45f0ba810ea1bef07c456fec1cc7f2258ee19c9fece793797b2716ecbb00cbe47b6ff5eb647430fccbe139ed098170feb11918f4031c692760462

  • SSDEEP

    49152:DG4dSxsLyF855Tkt/cE7NIHrV/0YBNEwSeOZ7jYHYiepCLz4RTFAf6R1Mp:DG4dSxETQ/mLV/0AC5eOd3sLzkK+

Malware Config

Targets

    • Target

      file.exe

    • Credentials from Password Stores: Credentials from Web Browsers

      Accesses or copies a web browser credential store (ATT&CK T1555.003). Chromium-based browsers keep saved logins in the profile's "Login Data" SQLite database, encrypted with a key held in "Local State"; Firefox keeps them in logins.json, protected by key4.db.

    • Reads user/profile data of web browsers

      Infostealers routinely harvest stored browser profile data: saved credentials, cookies and session tokens, autofill entries and browsing history.

    • Checks installed software on the system

      Enumerates installed software by reading the Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the per-user HKCU copy). Stealers commonly use the resulting list to fingerprint the host, to pick targets such as installed browsers and wallets, and to spot analysis tooling.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of a (usually suspended) thread. Ordinary applications rarely call it; process hollowing and similar injection techniques use it to point a hijacked thread's instruction pointer at injected code.
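
The two browser-credential signatures above describe a behaviour a SOC can hunt for: a process that is not a browser opening a browser's credential store. The script below is an added detection example, not part of the sandbox report and not the sample's own code; the telemetry records it processes are constructed to resemble generic EDR file-open events (field names pid, image, target are assumptions), and the path given to file.exe is assumed. It also handles the edge case of a stealer renamed to a browser executable and run from a non-install directory.

```python
"""Flag non-browser processes that open browser credential stores.

Added example, not part of the sandbox report and not the sample's code.
The telemetry records below are constructed to resemble generic EDR
file-open events; the field names are assumptions.
"""
import re
from dataclasses import dataclass

# Files that hold saved logins or the key protecting them.
# Chromium family: "Login Data" (SQLite, AES-encrypted passwords) and
# "Local State" (DPAPI-wrapped AES key); "Cookies" and "Web Data" hold
# session cookies and autofill. Firefox: logins.json plus key4.db.
CREDENTIAL_STORE_RE = re.compile(
    r"[\\/](?:Login Data|Login Data For Account|Local State|Cookies|Web Data|"
    r"logins\.json|key4\.db|cert9\.db)$",
    re.IGNORECASE,
)

# Profile directories where those files legitimately live.
BROWSER_PROFILE_RE = re.compile(
    r"\\(?:Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser|"
    r"Chromium|Vivaldi|Opera Software|Mozilla\\Firefox)\\",
    re.IGNORECASE,
)

# Browser executables, and the install roots a real copy should run from.
KNOWN_BROWSERS = {"chrome.exe", "msedge.exe", "brave.exe", "chromium.exe",
                  "vivaldi.exe", "opera.exe", "firefox.exe"}
TRUSTED_INSTALL_RE = re.compile(
    r"^[A-Z]:\\(?:Program Files(?: \(x86\))?|Users\\[^\\]+\\AppData\\Local)\\"
    r"(?:Google|Microsoft|BraveSoftware|Chromium|Vivaldi|Programs\\Opera|"
    r"Mozilla Firefox)\\",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class FileOpen:
    pid: int
    image: str   # full path of the process that opened the file
    target: str  # file that was opened


def is_credential_store(path: str) -> bool:
    """True only for a credential-store filename inside a browser profile."""
    return bool(CREDENTIAL_STORE_RE.search(path)) and bool(BROWSER_PROFILE_RE.search(path))


def process_name(image: str) -> str:
    return image.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def classify(ev: FileOpen):
    """Return a reason string if the open is suspicious, else None."""
    if not is_credential_store(ev.target):
        return None
    name = process_name(ev.image)
    if name not in KNOWN_BROWSERS:
        return "non-browser process opened a browser credential store"
    if not TRUSTED_INSTALL_RE.match(ev.image):
        # Edge case: a stealer renamed to chrome.exe and run from %TEMP%.
        return "browser-named process running outside a browser install root"
    return None


def suspicious_opens(events):
    """(event, reason) for every open that classify() flags."""
    return [(ev, r) for ev in events if (r := classify(ev))]


# Constructed sample telemetry (not from the report). The stealer is given
# the report's filename, file.exe, with an assumed path.
USER = r"C:\Users\alice"
CHROME_PROFILE = USER + r"\AppData\Local\Google\Chrome\User Data\Default"
FIREFOX_PROFILE = USER + r"\AppData\Roaming\Mozilla\Firefox\Profiles\x1.default"
SAMPLE_EVENTS = [
    FileOpen(4120, r"C:\Program Files\Google\Chrome\Application\chrome.exe",
             CHROME_PROFILE + r"\Login Data"),                        # legit
    FileOpen(5588, USER + r"\Downloads\file.exe", CHROME_PROFILE + r"\Login Data"),
    FileOpen(5588, USER + r"\Downloads\file.exe",
             USER + r"\AppData\Local\Google\Chrome\User Data\Local State"),
    FileOpen(6001, USER + r"\AppData\Local\Temp\chrome.exe",
             CHROME_PROFILE + r"\Login Data"),                        # spoofed name
    FileOpen(5588, USER + r"\Downloads\file.exe", USER + r"\Documents\notes.txt"),
    FileOpen(7012, r"C:\Program Files\Mozilla Firefox\firefox.exe",
             FIREFOX_PROFILE + r"\logins.json"),                      # legit
    FileOpen(5588, USER + r"\Downloads\file.exe", FIREFOX_PROFILE + r"\key4.db"),
]

if __name__ == "__main__":
    for ev, reason in suspicious_opens(SAMPLE_EVENTS):
        print(f"pid {ev.pid} {ev.image} -> {ev.target}: {reason}")
```

Two caveats for anyone porting this to real telemetry. File opens are EDR data, not Sysmon data: Sysmon's file events (11, 23, 26) cover creation and deletion, and its registry events (12, 13, 14) cover key creation, value writes and renames, so neither the Uninstall-key reads nor the SetThreadContext call from the other signatures will show up in default Sysmon logs; those are API-trace signals from the sandbox. And the allow-list of install roots is deliberately narrow, so portable or unusually installed browsers will need their paths added rather than the check relaxed.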

MITRE ATT&CK Enterprise v15

Tasks