General

  • Target

    9310d851134a48c6d594498a5cb45162.zip

  • Size

    654KB

  • Sample

    240901-sby9xavbna

  • MD5

    3ce239efa42de4a92039aa438a769f00

  • SHA1

    c694031937a64beb23cd9d4d80d36b73a92b460a

  • SHA256

    e09b7c6f35020e7cb1c9249b02eddc0b0104e71eec21a97eb829165529df0d3a

  • SHA512

    6613786da1e0c7cad588e0bb805d31da8b2c1c659a96603cc772b43c2178a2cb137ec1cb9a7d8c25f1aeac91679ce0fcf8783c8c1d7f8314f33e5fb09c8ca6a8

  • SSDEEP

    12288:aXhq1lnXHMhEz0Cfz/4rIM2wXbS8jKPSnTxAaN9pccXZR:rlXHIEzDb/4P2ISyD9ZL

Malware Config

Targets

    • Target

      184e59e76f6fa14247e00c92234aa8475ad86486b03177ceac287691e75cd726

    • Size

      1.5MB

    • MD5

      9310d851134a48c6d594498a5cb45162

    • SHA1

      d88c57ef82b0eeed05cdf44d9a7d6e95cb2b6a08

    • SHA256

      184e59e76f6fa14247e00c92234aa8475ad86486b03177ceac287691e75cd726

    • SHA512

      d1fb9bec4bc960186f55f518b0db50dc9276282fefda9313bc4e51b5340b484fe1311d6e8e86ca2ec1496d49d80931523f3de9271794deb4dc447d87b153ca34

    • SSDEEP

      24576:8uPmLDUMihIXCE5uEGOivIEQ5ELbHjR0L2oXzD:8u+LIIX7gEGOivRQ5EfHjA2ojD

    • Checks computer location settings

Looks up the country code configured in the registry, likely as a geofence check so the sample can refuse to run in particular regions.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application
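The last three signatures above (a dropped EXE executed, a dropped DLL loaded, a Run key added) describe the classic drop-then-persist pattern. The following is an added example of how a responder might triage that pattern from endpoint telemetry; it is not code from the sandbox report or from the sample. It assumes Sysmon-style events (Event ID 11 FileCreate, Event ID 13 RegistryEvent value set) already parsed into dicts with the usual `Image`, `TargetFilename`, `TargetObject` and `Details` fields; the events, paths and value names in `SAMPLE_EVENTS` are constructed for illustration and are not taken from this sample.

```python
import re

# Sysmon event IDs used below (the constructed dicts stand in for parsed XML).
FILE_CREATE = 11
REG_VALUE_SET = 13

# A value written directly under a Run or RunOnce key, whichever hive it is in
# (HKLM, HKU\<sid>, HKCU) and whichever view (native or WOW6432Node).
RUN_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$",
    re.IGNORECASE,
)
# Directories an unprivileged user can write to; dropped payloads usually live here.
USER_WRITABLE_RE = re.compile(
    r"^[A-Za-z]:\\(Users\\[^\\]+\\|ProgramData\\|Windows\\Temp\\)",
    re.IGNORECASE,
)
# First absolute path in the value data, quoted or not, with or without arguments.
EXE_PATH_RE = re.compile(
    r'"?([A-Za-z]:\\[^"]*?\.(?:exe|dll|scr|bat|cmd|vbs|js))"?',
    re.IGNORECASE,
)


def extract_path(details: str):
    """Return the absolute binary path named in a Run value, or None if it
    uses environment variables or no path at all."""
    m = EXE_PATH_RE.search(details)
    return m.group(1) if m else None


def find_run_key_persistence(events):
    """Return one finding per Run-key write, rated by where the target binary lives.

    high   : the value points at a file created during the same trace, or at a
             user-writable directory
    medium : no absolute path could be resolved (env vars, bare names); needs review
    low    : absolute path outside user-writable locations
    """
    dropped = {
        e["TargetFilename"].lower() for e in events if e["EventID"] == FILE_CREATE
    }
    findings = []
    for e in events:
        if e["EventID"] != REG_VALUE_SET or not RUN_KEY_RE.search(e["TargetObject"]):
            continue
        path = extract_path(e["Details"])
        if path is None:
            severity = "medium"
        elif path.lower() in dropped or USER_WRITABLE_RE.match(path):
            severity = "high"
        else:
            severity = "low"
        findings.append(
            {"key": e["TargetObject"], "image": e["Image"], "target": path, "severity": severity}
        )
    return findings


# Constructed telemetry: a sample drops a second stage under AppData and
# registers it in the per-user Run key, alongside two benign Run-key writes.
SAMPLE_EVENTS = [
    {"EventID": 11, "Image": r"C:\Users\bob\Desktop\sample.exe",
     "TargetFilename": r"C:\Users\bob\AppData\Roaming\Updater\payload.exe"},
    {"EventID": 13, "Image": r"C:\Users\bob\Desktop\sample.exe",
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r'"C:\Users\bob\AppData\Roaming\Updater\payload.exe"'},
    # Vendor installer registering its tray app from Program Files.
    {"EventID": 13, "Image": r"C:\Program Files\Vendor\setup.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorTray",
     "Details": r"C:\Program Files\Vendor\tray.exe --minimized"},
    # Windows' own entry written with an environment variable: no absolute path.
    {"EventID": 13, "Image": r"C:\Windows\System32\svchost.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SecurityHealth",
     "Details": r"%windir%\system32\SecurityHealthSystray.exe"},
    # Registry write outside the Run keys: ignored by the detector.
    {"EventID": 13, "Image": r"C:\Users\bob\Desktop\sample.exe",
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\SomeApp\Settings\Theme",
     "Details": "dark"},
]

if __name__ == "__main__":
    for f in find_run_key_persistence(SAMPLE_EVENTS):
        print(f"[{f['severity']:6}] {f['key']} -> {f['target']} (written by {f['image']})")
```

The correlation with FileCreate events is what separates this from a plain Run-key alert: an autostart entry pointing at a binary the same process wrote seconds earlier is the dropper behaviour the sandbox flagged, whereas an installer registering a tray application from Program Files is routine. Entries that resolve to no absolute path are deliberately left at medium rather than dropped, because `%windir%`-style values are also a common way to hide a lookalike binary.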

MITRE ATT&CK Enterprise v15

Tasks