General

  • Target

    0a6ed2a6dfb764cef924d227bbdd25e0N.exe

  • Size

    2.6MB

  • Sample

    240823-mclgjs1brq

  • MD5

    0a6ed2a6dfb764cef924d227bbdd25e0

  • SHA1

    94d9d09702b42ce240582596b099fb74648c863e

  • SHA256

    1e106675f9816aff6f264516b0c2d76b5805cc66335e6df1f4fb7c1b9b1b3e9e

  • SHA512

    edf1fb21b09ff992bb6ebac0121634c510637e8d676c6344571cf440a94aa8f8a090a8bedc9758fb2dfc5f436e8c741d8d564cdf320636380252e68d55d463e5

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBUB/bS:sxX7QnxrloE5dpUp3b

Targets

    • Target

      0a6ed2a6dfb764cef924d227bbdd25e0N.exe

    • Size

      2.6MB

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application
