General

  • Target

    2b3a0f576754ea9cbcfeae60cc7de036a44879568c18ec1380552cddc878ac0a

  • Size

    3.1MB

  • Sample

    240828-zqrlyawakb

  • MD5

    b0d06967937fcff215cca3b4a4ec0986

  • SHA1

    ae24ae0670be337209faadab1c380aaacfc3a9c0

  • SHA256

    2b3a0f576754ea9cbcfeae60cc7de036a44879568c18ec1380552cddc878ac0a

  • SHA512

    aa304e838cd5a7814cae560bde1cc9fcabd87ef03b1eef3944d8cbd6c7bc26de58184e29fa587a045d6725812aae15e7afd75dceab60867801ff333751aa9d11

  • SSDEEP

    98304:EAcRTd/kggQSwydThBmnXodHG+z92I0xkZV8zDzSC:WRTFkg3SwyhsXoRG+zAkZCzDz/

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
