General

  • Target

    97f7388bc98a68b44272c750336f8450N

  • Size

    2.6MB

  • Sample

    240914-nl1s9ssbkh

  • MD5

    97f7388bc98a68b44272c750336f8450

  • SHA1

    d6cb95b680fdafcbb430b05b775a6b41eb47cab1

  • SHA256

    f790d9d41ccd8b36df9f1f9f02e97bafa56b71b18cf78646faa10c0a56593a1f

  • SHA512

    56c9afae5260cf5c7d8ef84eb1a1607578886867ecf5f96ebf6d8e96dcc18351bc0e257a252c1f69660147aa4d86671b39018687ec25e8780573f9aba9b9208c

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBMB/bS:sxX7QnxrloE5dpUpTb

Malware Config

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks