General

  • Target

    b21d5e1730fe1df803a2a2ff950204447e280f670d63581fd9b7ccd6020e7230

  • Size

    251KB

  • Sample

    240919-gwr6jsvclq

  • MD5

    8310c43cfe4ed25e7ee8be6b81e4c156

  • SHA1

    9701a8d8c4e20f668bc320d91736653c782534c7

  • SHA256

    b21d5e1730fe1df803a2a2ff950204447e280f670d63581fd9b7ccd6020e7230

  • SHA512

    08bdbcd2dc4d1fab3c0f9b3f1062c798da64c9d4ff88b31471c90026bdbed8ca7acd33723c45e56d6bd0a4be95a4fd4b5113a54fe76dc545fee1d4dad5006075

  • SSDEEP

    6144:SYqml5a6EdkQxiUmRQColKGAOPQK2GwIgfx+qSfF0:SVml5a6EdkQgUmR7G9QK3wJx+qSfF0

Malware Config

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive profile information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks