Overview

overview

9

Static

static

3

69e7875546...0N.exe

windows7-x64

9

69e7875546...0N.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    69e7875546cca40183a57b4bf1aa9260N

  • Size

    2.6MB

  • Sample

    240908-ekwy9aveln

  • MD5

    69e7875546cca40183a57b4bf1aa9260

  • SHA1

    ea91a1f6d69d602ea320086e86271addf4d83475

  • SHA256

    a1a9b0cbdfbcdd509f8d1d4f397c6c9a3e75858ab74283b4f05243ff79dfbab7

  • SHA512

    6364e79c267285f1727a19380a85346eacd8610b89b10f8824b6e0593fd75a2533671fa6938829ebb75dbceee492eed53de33abcf318afe6b4e68cd5beae8e20

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBKB/bS:sxX7QnxrloE5dpUp9b

Score
9/10
credential_accessdiscoverypersistencespywarestealer

Malware Config

Targets

    • Target

      69e7875546cca40183a57b4bf1aa9260N

    • Size

      2.6MB

    • MD5

      69e7875546cca40183a57b4bf1aa9260

    • SHA1

      ea91a1f6d69d602ea320086e86271addf4d83475

    • SHA256

      a1a9b0cbdfbcdd509f8d1d4f397c6c9a3e75858ab74283b4f05243ff79dfbab7

    • SHA512

      6364e79c267285f1727a19380a85346eacd8610b89b10f8824b6e0593fd75a2533671fa6938829ebb75dbceee492eed53de33abcf318afe6b4e68cd5beae8e20

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBKB/bS:sxX7QnxrloE5dpUp9b

    Score
    9/10
    credential_accessdiscoverypersistencespywarestealer

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

      credential_accessstealer

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks