General

  • Target

    6b0a55ffdd69076a4dbc683cefca3380N

  • Size

    2.6MB

  • Sample

    240914-teqmlssfph

  • MD5

    6b0a55ffdd69076a4dbc683cefca3380

  • SHA1

    222163ac495e67358d4a749ea684ed2991bddbfd

  • SHA256

    11770b9dabfb82225d5731358d9abdbf9234e0d91b01cbbb4a62a58a89c0260b

  • SHA512

    f613a97982654232a6965da5ce8da591c8dad9f68b4c1aea7aae38091a910961f6ffff6f7f9f366b201d740081073f39a7144906e9063d36c02b6ccb11af663d

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBFB/bS:sxX7QnxrloE5dpUpWb

Malware Config

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks