General

  • Target: 0239d7a596d41ab38d74fbf6e25e07a0N.exe

  • Size: 1.3MB

  • Sample: 240906-1qt8hazcjn

  • MD5: 0239d7a596d41ab38d74fbf6e25e07a0

  • SHA1: 2dcaa99ba79a85a887c6bb2548ec77e5c0ef6b28

  • SHA256: 6c67b21c5fd9aa4d9c9dca1c630382efca443552f1a257e4eb6b0708e12cd1db

  • SHA512: eea432330131631e70c28c37392feb24bad2af3ed27518c622d0da94d2fe6eb40ace6251b9bc25e67ea1697f5709783f6da8560e92de581173c15152f225957d

  • SSDEEP: 24576:CTyu4RzLb011P4tdTkIlFAlpq7xDBgI370Ogn8I1wWB4bxVTKlxUe6mGaPLT5j7Q:CTGLb0PMFlV7FC470/8qwWyvCqmxV8

Targets

    • Target: 0239d7a596d41ab38d74fbf6e25e07a0N.exe

    • Size: 1.3MB

    • MD5: 0239d7a596d41ab38d74fbf6e25e07a0

    • SHA1: 2dcaa99ba79a85a887c6bb2548ec77e5c0ef6b28

    • SHA256: 6c67b21c5fd9aa4d9c9dca1c630382efca443552f1a257e4eb6b0708e12cd1db

    • SHA512: eea432330131631e70c28c37392feb24bad2af3ed27518c622d0da94d2fe6eb40ace6251b9bc25e67ea1697f5709783f6da8560e92de581173c15152f225957d

    • SSDEEP: 24576:CTyu4RzLb011P4tdTkIlFAlpq7xDBgI370Ogn8I1wWB4bxVTKlxUe6mGaPLT5j7Q:CTGLb0PMFlV7FC470/8qwWyvCqmxV8

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
