Overview

overview

9

Static

static

5

file.exe

windows7-x64

9

file.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    1.2MB

  • Sample

    240822-tf7yaayarq

  • MD5

    9b0fc472d182005be2aa3136057fe010

  • SHA1

    5534108357cee4f1c875cf3cfb88bcce28e86a17

  • SHA256

    625cb795e97368485441344c0156e0673862094a5f8dbd942b49bae809cf6ecf

  • SHA512

    0c58b44f72654da93e625614da0979b59da2a1b44d79cf9e28b54d87580e0eb86dc56debf2b161ef734df5098b540137f42692c81d4ec4965b7367b10c6decea

  • SSDEEP

    24576:ZqDEvCTbMWu7rQYlBQcBiT6rprG8aXYDENuT0jOtg:ZTvC/MTQYxsWR7aXYDF0j2

Score
9/10
credential_accessdiscoverystealer

Malware Config

Targets

    • Target

      file.exe

    • Size

      1.2MB

    • MD5

      9b0fc472d182005be2aa3136057fe010

    • SHA1

      5534108357cee4f1c875cf3cfb88bcce28e86a17

    • SHA256

      625cb795e97368485441344c0156e0673862094a5f8dbd942b49bae809cf6ecf

    • SHA512

      0c58b44f72654da93e625614da0979b59da2a1b44d79cf9e28b54d87580e0eb86dc56debf2b161ef734df5098b540137f42692c81d4ec4965b7367b10c6decea

    • SSDEEP

      24576:ZqDEvCTbMWu7rQYlBQcBiT6rprG8aXYDENuT0jOtg:ZTvC/MTQYxsWR7aXYDF0j2

    Score
    9/10
    credential_accessdiscoverystealer

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

      credential_accessstealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks