General

  • Target

    403613916f6088f2d9f8cac28c754ec0N.exe

  • Size

    2.6MB

  • Sample

    240905-ygardsyalr

  • MD5

    403613916f6088f2d9f8cac28c754ec0

  • SHA1

    1b8831aa4c873a9b2737d19fa5d9e66e8e8dac54

  • SHA256

    cca47cd581e73883ed369432e24b3ed65126ee119c0a270b9a6b14642be5d4f7

  • SHA512

    8788527bea28a87695318462595df7c9ee1bf01f1a39fc9ee39da42c4a36d59d9b811485b1e33f02b66fe889659f0f3a66e6ca15ae6dbfbd566b67b0d8f41956

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB6B/bS:sxX7QnxrloE5dpUpBb

Malware Config

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks