General

  • Target

    c310345f776bd70917375b46c831da00N

  • Size

    2.6MB

  • Sample

    240914-d2v8lsvgqd

  • MD5

    c310345f776bd70917375b46c831da00

  • SHA1

    99649095eebf035f97d8b421f75d5837ff5811e3

  • SHA256

    f37711a5468cd6c73634bcd4d89d9fe33617e4ab0bee0fc1c400bb5e54c66490

  • SHA512

    2cafede97638d1d662cfad700c5c78796603ae67df475ebc9d7489d1143ae7c7d68cf2157ea11a2746ee5cc1dc173b291982af8e60ce731d92de84e2b07ed93b

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBtB/bS:sxX7QnxrloE5dpUp6b

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15