Overview

overview

8

Static

static

3

b12a958465...89.exe

windows7-x64

8

b12a958465...89.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    b12a95846534745946abba403dca5939a2b9b463a0c256cf38f7601a4a7dce89

  • Size

    5.7MB

  • Sample

    240904-nf1lbayerr

  • MD5

    100149471d30f520c57bc4e26d252ff5

  • SHA1

    72e68cba03ce0cf2016b23cf6f1f9cfe92972b3e

  • SHA256

    b12a95846534745946abba403dca5939a2b9b463a0c256cf38f7601a4a7dce89

  • SHA512

    7b549718b3ba429be34d3a5a86bdc8a48797aacd08883fce56842bd5defa4c5be37485fb8582cd50c4792ffb88e2359961345dd6af71862d9e6508b99ee9c907

  • SSDEEP

    49152:+dRPv94AEsKU8ggw1g+1CART5eBiyKS3EI3wybn20DCYIHvc8ixuZm9+fWsw6dTP:+d9KUgTH2M2m9UMpu1QfLczqssnKSk

Score
8/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      b12a95846534745946abba403dca5939a2b9b463a0c256cf38f7601a4a7dce89

    • Size

      5.7MB

    • MD5

      100149471d30f520c57bc4e26d252ff5

    • SHA1

      72e68cba03ce0cf2016b23cf6f1f9cfe92972b3e

    • SHA256

      b12a95846534745946abba403dca5939a2b9b463a0c256cf38f7601a4a7dce89

    • SHA512

      7b549718b3ba429be34d3a5a86bdc8a48797aacd08883fce56842bd5defa4c5be37485fb8582cd50c4792ffb88e2359961345dd6af71862d9e6508b99ee9c907

    • SSDEEP

      49152:+dRPv94AEsKU8ggw1g+1CART5eBiyKS3EI3wybn20DCYIHvc8ixuZm9+fWsw6dTP:+d9KUgTH2M2m9UMpu1QfLczqssnKSk

    Score
    8/10
    discoveryspywarestealer

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks