General

  • Target

    7b03dff7a43563327fc7985816d4cd0352d62da27a81207f53d28918d29a9c69

  • Size

    717KB

  • Sample

    240911-xs2tksxenp

  • MD5

    995b75fa14c89a153be32843e1877131

  • SHA1

    12a0f6c7122c76f66163542f2f818c5b4e99f70c

  • SHA256

    7b03dff7a43563327fc7985816d4cd0352d62da27a81207f53d28918d29a9c69

  • SHA512

    2bfcfc7c11e9868014bf5ae63cf71d5e0b07e5e950d240dfb9962c173d9ddc294302a11aeb8e7d2b82b51f352569eeff2cd759e43ed0ad9f836c0d7131b495e4

  • SSDEEP

    12288:/l3NPfC6Aj+TN5uixZN+8rKhUdTC/wE1ZD0Ca5ZIXV:t3NnLOS2opPIXV

Malware Config

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks