Overview

overview

7

Static

static

3

be4214a252...94.exe

windows7-x64

7

be4214a252...94.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    be4214a2521a6dd6c417b1db295b33fcb339910907228e45325777c4c6370c94

  • Size

    11.1MB

  • Sample

    240919-gyblksvcrk

  • MD5

    5b407daa3321c0b4ee51d3ceee0e6efc

  • SHA1

    fe9402681ed4b5dd78a737a613373f5fd42fa3bf

  • SHA256

    be4214a2521a6dd6c417b1db295b33fcb339910907228e45325777c4c6370c94

  • SHA512

    74970e6be59fd03f651cb1170e1d7f882a0d8898fdcabfb32e53b686f4b504e9ea385859a7cb727ec7828d7661234e299b5c8a1c80d0cf1320fb28ce596259a7

  • SSDEEP

    98304:VFb+0ChEPIGiq3y3vx+w9TbfjJ+kdfpK46Tle36jknz9Y:Vl+kIGv3y/x+KTbfjJ+kdnAlejY

Score
7/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      be4214a2521a6dd6c417b1db295b33fcb339910907228e45325777c4c6370c94

    • Size

      11.1MB

    • MD5

      5b407daa3321c0b4ee51d3ceee0e6efc

    • SHA1

      fe9402681ed4b5dd78a737a613373f5fd42fa3bf

    • SHA256

      be4214a2521a6dd6c417b1db295b33fcb339910907228e45325777c4c6370c94

    • SHA512

      74970e6be59fd03f651cb1170e1d7f882a0d8898fdcabfb32e53b686f4b504e9ea385859a7cb727ec7828d7661234e299b5c8a1c80d0cf1320fb28ce596259a7

    • SSDEEP

      98304:VFb+0ChEPIGiq3y3vx+w9TbfjJ+kdfpK46Tle36jknz9Y:Vl+kIGv3y/x+KTbfjJ+kdnAlejY

    Score
    7/10
    discoveryspywarestealer

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks