Overview

overview

7

Static

static

3

d2ada1435e...7N.exe

windows7-x64

7

d2ada1435e...7N.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d2ada1435eb61fa1d88581a5e016de1846139e62e0de91a8527c069810cfb957N

  • Size

    128KB

  • Sample

    240919-d9387ayhlh

  • MD5

    a20d59e9b2ef7e85e311973ccb433160

  • SHA1

    2e248dc8aec9bd64c997b342903203bc39e59005

  • SHA256

    d2ada1435eb61fa1d88581a5e016de1846139e62e0de91a8527c069810cfb957

  • SHA512

    f3bdb8869d93780f5790b794eb3ecf2cc843b0a6544f38ec71c69a9de66361d124fc03f332b9ef98025e1c36e28a83e88802908f1d6082b6c6f870e15dbc0874

  • SSDEEP

    3072:eaij4QuGCkGyvG+wHKPhWlovm+Q31gvk+wHKPhW:Mj4GCkhvfwH/laqwJwH/

Score
7/10
credential_accessdiscoverypersistencespywarestealer

Malware Config

Targets

    • Target

      d2ada1435eb61fa1d88581a5e016de1846139e62e0de91a8527c069810cfb957N

    • Size

      128KB

    • MD5

      a20d59e9b2ef7e85e311973ccb433160

    • SHA1

      2e248dc8aec9bd64c997b342903203bc39e59005

    • SHA256

      d2ada1435eb61fa1d88581a5e016de1846139e62e0de91a8527c069810cfb957

    • SHA512

      f3bdb8869d93780f5790b794eb3ecf2cc843b0a6544f38ec71c69a9de66361d124fc03f332b9ef98025e1c36e28a83e88802908f1d6082b6c6f870e15dbc0874

    • SSDEEP

      3072:eaij4QuGCkGyvG+wHKPhWlovm+Q31gvk+wHKPhW:Mj4GCkhvfwH/laqwJwH/

    Score
    7/10
    credential_accessdiscoverypersistencespywarestealer

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

      credential_accessstealer

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks