General

  • Target

    f693a7e8a92bb7b24eb811b7dba24b2f8c02814a6f81f3ec4f278fc9089b33a7

  • Size

    723KB

  • Sample

    240919-gyde6svcrm

  • MD5

    ef1d319518a6e8d27e0d8ed1ee0cd0f8

  • SHA1

    e430328e360b542da7e9929090312bd99426a5fd

  • SHA256

    f693a7e8a92bb7b24eb811b7dba24b2f8c02814a6f81f3ec4f278fc9089b33a7

  • SHA512

    08ea7d62b9e1a34dc3a126272307cdc3bfd89d2110ebacc519ab7521c31481a6f5a45a423dc3f2e6c3dd4c6c4f91d868b8ac3e1a01dd5d994bd8093edc219a1f

  • SSDEEP

    12288:V+azbvPfC6Aj+TN5uixZN+8rKhUdTC/wE1ZD0Ca5ZIXV:VBzb/LOS2opPIXV

Malware Config

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks