General

  • Target

    483348b448eb8004875feb9db770bb20N

  • Size

    2.6MB

  • Sample

    240913-y7zhfaxfla

  • MD5

    483348b448eb8004875feb9db770bb20

  • SHA1

    4ae7af65ed4353c49ef812f6bb8179b7cf7a0e1d

  • SHA256

    0bf8db74eae1a6f59b0ffa45a357f7ed1ba9c24564d5bafdb3cbc146b76d243d

  • SHA512

    1c000fb3f5175928cd628b8c794bf411834c4c2fc5a232a7cce96e824765e0f3092ad7abce1822d28f6c6d111e57b9eb1f5c509f1c88a2aaf6744b3e1cfb8e3f

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB3B/bS:sxX7QnxrloE5dpUpcb
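
The digests above are the only identity the report gives the sample, so the first thing a responder does with a suspect file is recompute them and compare. The following script is an added example, not part of the sandbox report: it streams a file through MD5, SHA-1, SHA-256 and SHA-512 and lists which of the report's values differ (a match on SHA-256 and SHA-512 is what actually establishes identity; MD5 and SHA-1 are listed for lookup compatibility only). The ssdeep fuzzy hash is left out because comparing it needs a third-party library (for example the ssdeep or ppdeep package), which is an assumption outside the standard library.

```python
"""Check whether a file on disk is the sample described in this report.

Added example, not from the sandbox report. REPORT_HASHES is copied from the
report's General section; everything else is this example's own code.
"""
import hashlib
from typing import Dict, List

# Digests as listed in the report above.
REPORT_HASHES: Dict[str, str] = {
    "md5": "483348b448eb8004875feb9db770bb20",
    "sha1": "4ae7af65ed4353c49ef812f6bb8179b7cf7a0e1d",
    "sha256": "0bf8db74eae1a6f59b0ffa45a357f7ed1ba9c24564d5bafdb3cbc146b76d243d",
    "sha512": ("1c000fb3f5175928cd628b8c794bf411834c4c2fc5a232a7cce96e824765e0f3"
               "092ad7abce1822d28f6c6d111e57b9eb1f5c509f1c88a2aaf6744b3e1cfb8e3f"),
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digests(data: bytes) -> Dict[str, str]:
    """All four digests of an in-memory blob, hex-encoded and lower-case."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def digests_of_file(path: str, chunk: int = 1 << 20) -> Dict[str, str]:
    """Same as digests(), but streams the file so a multi-megabyte PE is
    hashed in 1 MiB chunks instead of being loaded into memory at once."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def mismatches(observed: Dict[str, str],
               expected: Dict[str, str] = REPORT_HASHES) -> List[str]:
    """Names of the algorithms whose digest differs from the report.
    Comparison is case-insensitive because tools print hex in both cases."""
    return [alg for alg in ALGORITHMS
            if observed.get(alg, "").lower() != expected[alg].lower()]


def is_report_sample(observed: Dict[str, str]) -> bool:
    """True only when every listed digest agrees with the report."""
    return not mismatches(observed)


if __name__ == "__main__":
    import sys
    obs = digests_of_file(sys.argv[1])
    bad = mismatches(obs)
    if bad:
        print("MISMATCH on " + ", ".join(bad) + ": not the reported sample")
    else:
        print("MATCH: file is the sample described in this report")
```

Run it as `python check_sample.py <file>`; a mismatch on any single algorithm means the file is not byte-identical to the reported sample, which for a dropper can simply mean a repacked build that still behaves the same, so fall back on ssdeep similarity or the behavioural indicators in that case.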

Malware Config

Targets

    • Target

      483348b448eb8004875feb9db770bb20N

    • Size

      2.6MB

    • MD5

      483348b448eb8004875feb9db770bb20

    • SHA1

      4ae7af65ed4353c49ef812f6bb8179b7cf7a0e1d

    • SHA256

      0bf8db74eae1a6f59b0ffa45a357f7ed1ba9c24564d5bafdb3cbc146b76d243d

    • SHA512

      1c000fb3f5175928cd628b8c794bf411834c4c2fc5a232a7cce96e824765e0f3092ad7abce1822d28f6c6d111e57b9eb1f5c509f1c88a2aaf6744b3e1cfb8e3f

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB3B/bS:sxX7QnxrloE5dpUpcb

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser's credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application
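
The five behaviour signatures above (startup-file drop, Run-key persistence, execution of a dropped EXE, loading of a dropped DLL, and reads of browser profile data) can each be expressed as a rule over a process trace. The code below is an added example, not the sandbox's own detection logic: it replays a constructed trace of file, registry, process and image-load events through one rule per signature and returns the findings with their evidence. The event format (dicts keyed by `event`) and the file names in the trace are this example's assumptions; the two ATT&CK technique IDs in the comments (T1547.001 for Run keys / startup folder, T1555.003 for browser credentials) are supplied here from Enterprise ATT&CK and are not taken from the page.

```python
"""Triage rules mirroring the sandbox signatures above, run over a constructed trace.

Added example, not part of the sandbox report. The trace format is an
assumption of this example, not the sandbox's export format.
"""
import re
from typing import Dict, Iterable, List, Set, Tuple

# Constructed process trace standing in for a real run (not from the sample).
SAMPLE_TRACE: List[Dict[str, str]] = [
    {"event": "file_create", "pid": "1204",
     "path": r"C:\Users\victim\AppData\Roaming\Updater\svc.exe"},
    {"event": "file_create", "pid": "1204",
     "path": r"C:\Users\victim\AppData\Roaming\Updater\helper.dll"},
    {"event": "file_create", "pid": "1204",
     "path": r"C:\Users\victim\AppData\Roaming\Microsoft\Windows"
             r"\Start Menu\Programs\Startup\svc.lnk"},
    {"event": "registry_set", "pid": "1204",
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "data": r"C:\Users\victim\AppData\Roaming\Updater\svc.exe"},
    {"event": "process_create", "pid": "2288", "ppid": "1204",
     "image": r"C:\Users\victim\AppData\Roaming\Updater\svc.exe"},
    {"event": "image_load", "pid": "2288",
     "image": r"C:\Users\victim\AppData\Roaming\Updater\helper.dll"},
    {"event": "file_read", "pid": "2288",
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"event": "file_read", "pid": "2288",              # benign read, must not fire
     "path": r"C:\Users\victim\Documents\notes.txt"},
]

# ATT&CK T1547.001: Registry Run Keys / Startup Folder.
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
STARTUP_DIR = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)
# ATT&CK T1555.003: Credentials from Web Browsers. Chromium and Firefox
# profile files that infostealers read to harvest logins and cookies.
BROWSER_STORES = re.compile(
    r"\\(Login Data|Web Data|Cookies|logins\.json|key4\.db|cookies\.sqlite)$", re.I)

Finding = Tuple[str, str]  # (signature name as used in the report, evidence)


def triage(events: Iterable[Dict[str, str]]) -> List[Finding]:
    """Apply one rule per report signature; stateful so that a later
    process_create / image_load of a file written earlier in the same trace
    is recognised as execution or loading of a dropped artefact."""
    findings: List[Finding] = []
    dropped: Set[str] = set()  # paths written during the trace, lower-cased
    for ev in events:
        kind = ev["event"]
        if kind == "file_create":
            path = ev["path"]
            dropped.add(path.lower())
            if STARTUP_DIR.search(path):
                findings.append(("Drops startup file", path))
        elif kind == "registry_set" and RUN_KEY.search(ev["key"]):
            findings.append(("Adds Run key to start application",
                             ev["key"] + " = " + ev["data"]))
        elif kind == "process_create" and ev["image"].lower() in dropped:
            findings.append(("Executes dropped EXE", ev["image"]))
        elif kind == "image_load" and ev["image"].lower() in dropped:
            findings.append(("Loads dropped DLL", ev["image"]))
        elif kind == "file_read" and BROWSER_STORES.search(ev["path"]):
            findings.append(("Reads user/profile data of web browsers", ev["path"]))
    return findings


def signatures(events: Iterable[Dict[str, str]]) -> List[str]:
    """Distinct signature names, in the order they first fired."""
    seen: List[str] = []
    for sig, _ in triage(events):
        if sig not in seen:
            seen.append(sig)
    return seen


if __name__ == "__main__":
    for sig, evidence in triage(SAMPLE_TRACE):
        print(f"{sig:42} {evidence}")
```

The dropped-file bookkeeping is what distinguishes "Executes dropped EXE" from ordinary process creation: a child process is only interesting here when its image was written during the run. On a real host the same rules can be fed from Sysmon events 11 (file create), 13 (registry value set), 1 (process create) and 7 (image load); Sysmon does not record file reads, so the browser-store rule needs an EDR or sandbox trace that does.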

MITRE ATT&CK Enterprise v15

Tasks