General

  • Target

    82c9dcf8d148ae7249d9b5806f3103679445d760eea1dd4786792504c82cb158

  • Size

    2.6MB

  • Sample

    240921-16cy6axaqe

  • MD5

    815e43357dcce9be5d8ffe1a3eed622e

  • SHA1

    90b57ae8af831f8561ade030d942c257617842a7

  • SHA256

    82c9dcf8d148ae7249d9b5806f3103679445d760eea1dd4786792504c82cb158

  • SHA512

    0fed557f4b8839799c7c02584f978a597fb0a4cdf452c66f20456077cf7394fc246c1ed7f92a1ee398d9556aa058bf09fc68bd94d941521e2da67aa18c1299fb

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBwB/bS:sxX7QnxrloE5dpUp7b
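Before analysing a copy of this sample, confirm it is the file the report describes. The following Python is an added example, not part of the sandbox report: it streams a file once through the four hash algorithms listed above and compares the results, case-insensitively, against the report's digests. The file path is supplied on the command line; everything else comes from the report.

```python
"""Added example (not part of the sandbox report): verify that a retrieved
sample matches the digests listed above, hashing the file in a single pass."""
import hashlib
import io
import sys

# Digests copied from the report, keyed by hashlib algorithm name.
REPORT_DIGESTS = {
    "md5": "815e43357dcce9be5d8ffe1a3eed622e",
    "sha1": "90b57ae8af831f8561ade030d942c257617842a7",
    "sha256": "82c9dcf8d148ae7249d9b5806f3103679445d760eea1dd4786792504c82cb158",
    "sha512": "0fed557f4b8839799c7c02584f978a597fb0a4cdf452c66f20456077cf7394fc246c1ed7f92a1ee398d9556aa058bf09fc68bd94d941521e2da67aa18c1299fb",
}
ALGORITHMS = tuple(REPORT_DIGESTS)


def digests(stream, algorithms=ALGORITHMS, chunk_size=1 << 20):
    """Hash a binary stream with every algorithm in one pass; returns {name: hexdigest}."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    while chunk := stream.read(chunk_size):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digests_of_file(path, algorithms=ALGORITHMS):
    """Hash a file on disk without loading it into memory at once."""
    with open(path, "rb") as fh:
        return digests(fh, algorithms)


def digests_of_bytes(data, algorithms=ALGORITHMS):
    """Convenience wrapper for in-memory data (used for self-checks and tests)."""
    return digests(io.BytesIO(data), algorithms)


def verify(actual, expected):
    """Compare computed digests with expected hex values, ignoring case.

    Returns one bool per expected algorithm; a missing algorithm counts as a mismatch."""
    return {
        name: actual.get(name, "").lower() == value.lower()
        for name, value in expected.items()
    }


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-sample>
    results = verify(digests_of_file(sys.argv[1]), REPORT_DIGESTS)
    for name, ok in results.items():
        print(f"{name:6} {'MATCH' if ok else 'MISMATCH'}")
    sys.exit(0 if all(results.values()) else 1)
```

A single mismatch (for example MD5 matching while SHA256 does not) means you are not holding the reported file, so the exit status is non-zero unless every listed digest agrees.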

Targets

    • Target

      82c9dcf8d148ae7249d9b5806f3103679445d760eea1dd4786792504c82cb158

    • Size

      2.6MB

    • MD5

      815e43357dcce9be5d8ffe1a3eed622e

    • SHA1

      90b57ae8af831f8561ade030d942c257617842a7

    • SHA256

      82c9dcf8d148ae7249d9b5806f3103679445d760eea1dd4786792504c82cb158

    • SHA512

      0fed557f4b8839799c7c02584f978a597fb0a4cdf452c66f20456077cf7394fc246c1ed7f92a1ee398d9556aa058bf09fc68bd94d941521e2da67aa18c1299fb

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBwB/bS:sxX7QnxrloE5dpUp7b

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser's credential store (ATT&CK T1555.003).

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Adds Run key to start application
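The six signatures above describe what the sample did in the sandbox. As an added example, not part of the report or of the sandbox's own detection rules, the following Python replays a constructed, simplified behavioural event log and reports which of those signatures would fire. The event schema (kind, acting process, target), the file and registry paths and the sample name are assumptions for illustration, not a real Sysmon or sandbox export; dropped-file activity is attributed through the sample's child processes, and activity by unrelated processes is ignored.

```python
"""Added example (not part of the sandbox report): map a constructed event log
to the behavioural signatures listed above. The kind/image/target schema is an
assumption for illustration, not a real Sysmon or sandbox export format."""
import re
from dataclasses import dataclass
from typing import Iterable

# Persistence locations: HKCU/HKLM Run and RunOnce values, and the per-user Startup folder.
RUN_KEY_RE = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.I)
STARTUP_DIR_RE = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)
# Browser profile roots, and the files inside them that hold saved logins
# (Chromium 'Login Data' SQLite DB; Firefox key4.db plus logins.json).
BROWSER_PROFILE_RE = re.compile(
    r"\\AppData\\(Local|Roaming)\\(Google\\Chrome|Microsoft\\Edge|Mozilla\\Firefox)\\", re.I)
BROWSER_CRED_RE = re.compile(r"\\(Login Data|key4\.db|logins\.json)$", re.I)


@dataclass(frozen=True)
class Event:
    kind: str    # "file_create" | "file_read" | "process_create" | "image_load" | "registry_set"
    image: str   # process performing the action
    target: str  # file path, loaded image path, or registry value path


def fired_signatures(events: Iterable[Event], sample: str) -> list:
    """Return the sorted signature names triggered by the sample and its children."""
    tracked = {sample.lower()}          # processes whose activity we attribute to the sample
    dropped: set = set()                # files written by a tracked process
    hits: set = set()
    for ev in events:
        actor, target = ev.image.lower(), ev.target.lower()
        if actor not in tracked:
            continue                    # unrelated process activity (e.g. the real browser)
        if ev.kind == "file_create":
            dropped.add(target)
            if STARTUP_DIR_RE.search(ev.target):
                hits.add("Drops startup file")
        elif ev.kind == "process_create" and target in dropped:
            hits.add("Executes dropped EXE")
            tracked.add(target)         # follow the child process too
        elif ev.kind == "image_load" and target in dropped and target.endswith(".dll"):
            hits.add("Loads dropped DLL")
        elif ev.kind == "registry_set" and RUN_KEY_RE.search(ev.target):
            hits.add("Adds Run key to start application")
        elif ev.kind == "file_read" and BROWSER_PROFILE_RE.search(ev.target):
            hits.add("Reads user/profile data of web browsers")
            if BROWSER_CRED_RE.search(ev.target):
                hits.add("Credentials from Password Stores: Credentials from Web Browsers")
    return sorted(hits)


# Constructed sample run (hypothetical paths, not taken from the report).
SAMPLE = r"C:\Users\analyst\Desktop\sample.exe"
HELPER = r"C:\Users\analyst\AppData\Local\Temp\helper.exe"
CONSTRUCTED_EVENTS = [
    Event("file_create", SAMPLE, r"C:\Users\analyst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.lnk"),
    Event("file_create", SAMPLE, HELPER),
    Event("file_create", SAMPLE, r"C:\Users\analyst\AppData\Local\Temp\sqlite3.dll"),
    Event("process_create", SAMPLE, HELPER),
    Event("image_load", HELPER, r"C:\Users\analyst\AppData\Local\Temp\sqlite3.dll"),
    Event("registry_set", HELPER, r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"),
    Event("file_read", HELPER, r"C:\Users\analyst\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    Event("file_read", HELPER, r"C:\Users\analyst\AppData\Roaming\Mozilla\Firefox\Profiles\abc.default\cookies.sqlite"),
    # Benign noise: the real browser reading its own store must not count.
    Event("file_read", r"C:\Program Files\Google\Chrome\Application\chrome.exe",
          r"C:\Users\analyst\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
]

if __name__ == "__main__":
    for name in fired_signatures(CONSTRUCTED_EVENTS, SAMPLE):
        print(name)
```

Note the attribution step: the Run key and the browser reads are performed by the dropped helper, not by the sample itself, so a rule that only watches the original process would miss four of the six behaviours. The Firefox cookies.sqlite read counts as profile data but not as credential-store access, which is the distinction the two browser signatures above draw.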

MITRE ATT&CK Enterprise v15
