General

  • Target

    728b370fe514bc5c47903d44bfca7460N.exe

  • Size

    2.6MB

  • Sample

    240903-c6f4tavdpk

  • MD5

    728b370fe514bc5c47903d44bfca7460

  • SHA1

    aac07917ac01ff28260b6d10053ee5ddff4eac72

  • SHA256

    30c3978723b1c4e91f0c55705218d0dc26fbd70ec9bf458ab3a045154b49fc0a

  • SHA512

    a5c9c473d5de2ae1876a069d49d82e0cdf2d4319294a48564524fbd8265a3e16f4f95557283229b6192c916846cec79efc05c566a02b267d992ecb7433a5bf6d

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBdB/bS:sxX7QnxrloE5dpUpyb

Malware Config

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive user data.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks