Overview

overview

9

Static

static

5

file.exe

windows7-x64

9

file.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    896KB

  • Sample

    240901-xzxs7szbrq

  • MD5

    a80f8369905a553004098607dec0751a

  • SHA1

    8b8e2d5a28541c1cf7bc28437470fcbb4ca3b61f

  • SHA256

    38211db68d53f159f161beb3ae76d14437309e23d15766c14e65125b09534042

  • SHA512

    4975d71400b7120144a9a1668b2a76155669628f65f3371cef0e3954e8dc6eeb68680b243231c5ad4826911673286d0e7817587ce218eb8aa3f989750f9fb216

  • SSDEEP

    12288:7qDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgarTv:7qDEvCTbMWu7rQYlBQcBiT6rprG8avv

Score
9/10
credential_accessdiscoverystealer

Malware Config

Targets

    • Target

      file.exe

    • Size

      896KB

    • MD5

      a80f8369905a553004098607dec0751a

    • SHA1

      8b8e2d5a28541c1cf7bc28437470fcbb4ca3b61f

    • SHA256

      38211db68d53f159f161beb3ae76d14437309e23d15766c14e65125b09534042

    • SHA512

      4975d71400b7120144a9a1668b2a76155669628f65f3371cef0e3954e8dc6eeb68680b243231c5ad4826911673286d0e7817587ce218eb8aa3f989750f9fb216

    • SSDEEP

      12288:7qDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgarTv:7qDEvCTbMWu7rQYlBQcBiT6rprG8avv

    Score
    9/10
    credential_accessdiscoverystealer

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

      credential_accessstealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks