Overview

overview

7

Static

static

3

4a73dec448...c9.exe

windows7-x64

7

4a73dec448...c9.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4a73dec4481a07878c6f1aff6ae8eddcad42d59078d13319dd2a644a8801e9c9

  • Size

    2.3MB

  • Sample

    240901-1szk1atdjg

  • MD5

    26d7bd30fe99aa6dec0bd7c762e6ff3a

  • SHA1

    4ba571c5c9c7fa39ef04556569e4469ecef80b36

  • SHA256

    4a73dec4481a07878c6f1aff6ae8eddcad42d59078d13319dd2a644a8801e9c9

  • SHA512

    523b6bb087b157e2c8ae8008f5f3e0a70246f84d8bf4965bced71194ea62885bca40c39ee88c7a7c5dcaaf5d2392f10697631381d4d6a6a80b0713e66a4c709a

  • SSDEEP

    49152:G0jwcMcdbIG2x01CZ5yV2B2yupJMTVRYW02oBrewOfVvvtekjQRjAy4sCiq6Q28h:MWmx0eQyKJMTVRYW02oB9aHekmRQ6d8h

Score
7/10
discoverypersistencespywarestealer

Malware Config

Targets

    • Target

      4a73dec4481a07878c6f1aff6ae8eddcad42d59078d13319dd2a644a8801e9c9

    • Size

      2.3MB

    • MD5

      26d7bd30fe99aa6dec0bd7c762e6ff3a

    • SHA1

      4ba571c5c9c7fa39ef04556569e4469ecef80b36

    • SHA256

      4a73dec4481a07878c6f1aff6ae8eddcad42d59078d13319dd2a644a8801e9c9

    • SHA512

      523b6bb087b157e2c8ae8008f5f3e0a70246f84d8bf4965bced71194ea62885bca40c39ee88c7a7c5dcaaf5d2392f10697631381d4d6a6a80b0713e66a4c709a

    • SSDEEP

      49152:G0jwcMcdbIG2x01CZ5yV2B2yupJMTVRYW02oBrewOfVvvtekjQRjAy4sCiq6Q28h:MWmx0eQyKJMTVRYW02oB9aHekmRQ6d8h

    Score
    7/10
    discoverypersistencespywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks