Overview

overview

8

Static

static

3

27cfc8af28...fd.exe

windows7-x64

8

27cfc8af28...fd.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    27cfc8af28cb9bf686279d28eddb09d9786d81cb9135c8ea9e34d2591cb2c9fd

  • Size

    577KB

  • Sample

    240921-qnbm9svbll

  • MD5

    f62138746b7d65ac3d4ac68922da0dc9

  • SHA1

    30f1b630d5ea10dbd17713663ac480713405d7d2

  • SHA256

    27cfc8af28cb9bf686279d28eddb09d9786d81cb9135c8ea9e34d2591cb2c9fd

  • SHA512

    81484627ff6ca9c36c16b8cac151c8684f9691a9536206ff20ceb844619aebc9bfece73b9d89664b7ba9e83c59716d72cb2fd78691c2e8c4faeb672b4385287d

  • SSDEEP

    6144:t46tGdye419E7cV3iwbAFRWAbd4nf0H05yqE6Hl0ChW0+ksllAXBu0lWGWUJJQ4H:t3NbI7a3iwbihym2g7XO3LWUQfh4Co

Score
8/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      27cfc8af28cb9bf686279d28eddb09d9786d81cb9135c8ea9e34d2591cb2c9fd

    • Size

      577KB

    • MD5

      f62138746b7d65ac3d4ac68922da0dc9

    • SHA1

      30f1b630d5ea10dbd17713663ac480713405d7d2

    • SHA256

      27cfc8af28cb9bf686279d28eddb09d9786d81cb9135c8ea9e34d2591cb2c9fd

    • SHA512

      81484627ff6ca9c36c16b8cac151c8684f9691a9536206ff20ceb844619aebc9bfece73b9d89664b7ba9e83c59716d72cb2fd78691c2e8c4faeb672b4385287d

    • SSDEEP

      6144:t46tGdye419E7cV3iwbAFRWAbd4nf0H05yqE6Hl0ChW0+ksllAXBu0lWGWUJJQ4H:t3NbI7a3iwbihym2g7XO3LWUQfh4Co

    Score
    8/10
    discoveryspywarestealer

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks