General

  • Target: 854f15084bcb8d87608d0fae3b26ad00N
  • Size: 2.6MB
  • Sample: 240909-qny4kazfjn
  • MD5: 854f15084bcb8d87608d0fae3b26ad00
  • SHA1: 87873e6717f82e7215f78a6d8d19ead8979129bf
  • SHA256: 91bedb243bb892ec224dbd3abf459804dcce11800ea0cb76db851739c4dc2ea8
  • SHA512: 9783f77e2686fe995d98fa711f8455608b76c054ca8bdefb12911c8fed3eebf66200281440aea17e8413f4dcadaebef70314b06865b9cfe8484b2a1bad3ecea1
  • SSDEEP: 49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBCB/bS:sxX7QnxrloE5dpUp1b

Malware Config

Targets

    • Target: 854f15084bcb8d87608d0fae3b26ad00N
    • Size: 2.6MB
    • MD5: 854f15084bcb8d87608d0fae3b26ad00
    • SHA1: 87873e6717f82e7215f78a6d8d19ead8979129bf
    • SHA256: 91bedb243bb892ec224dbd3abf459804dcce11800ea0cb76db851739c4dc2ea8
    • SHA512: 9783f77e2686fe995d98fa711f8455608b76c054ca8bdefb12911c8fed3eebf66200281440aea17e8413f4dcadaebef70314b06865b9cfe8484b2a1bad3ecea1
    • SSDEEP: 49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBCB/bS:sxX7QnxrloE5dpUp1b

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks