General

  • Target

    89d29a8bec914eba32cb43f75c9545fbb82837a2d6b6642ecba0ba9e273bdd92

  • Size

    4.8MB

  • Sample

    240908-mgr5ws1ckj

  • MD5

    9e69a054a4f8bd2955f38b5c6f1669f1

  • SHA1

    a9c82ac9b649760ec9c31c8f631d59f1e3727410

  • SHA256

    89d29a8bec914eba32cb43f75c9545fbb82837a2d6b6642ecba0ba9e273bdd92

  • SHA512

    37408bde6e6806a01caaeeab9d702735f71e60f4ec0078b377f46c7a11a6ebc834492d8244d8a087cb50a4c46c9c35fa66654ea2ca07b56b50ad5cd5cb737f3b

  • SSDEEP

    49152:Akny1B/KCGZd0qgNEf16lhulJLirHJIZ/K0tDAy49uO7G6XSq4vFWVRxYOKKJY+l:Akny4WQtZ/K0tGOFWVRuLftCTx

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15