General

  • Target

    fd6c066ae29014303ec1c1c972d886d4dea02a3aca240d3bd435ca39f307a36d

  • Size

    10.5MB

  • Sample

    240901-n89ppazepq

  • MD5

    3d0d21bb14b9b2c32b8c48ffc0129f43

  • SHA1

    bbe5f11930fc85fecefee72ed503cab2e0060c39

  • SHA256

    fd6c066ae29014303ec1c1c972d886d4dea02a3aca240d3bd435ca39f307a36d

  • SHA512

    f448780d564cc3061df35a687177da60d486010928fe923f58a38b8db1c78c6d67d46c1fdcad95c0e68765e7fe97204333cd4f707fa9c37de364a7c3cfec57bb

  • SSDEEP

    196608:p9tqSSJ7PbDdh0HtQba8z1sjzkAilU4I4:pu5J7PbDjOQba8psjzyz

Malware Config

Targets

    • Target

      fd6c066ae29014303ec1c1c972d886d4dea02a3aca240d3bd435ca39f307a36d

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar profile data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15