Overview

overview

7

Static

static

3

0d7928976a...c8.exe

windows7-x64

7

0d7928976a...c8.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    0d7928976a87aca2e705761e5b88b2c031266494af6f40c4a7840d6d3e807ec8

  • Size

    136KB

  • Sample

    240921-rqp44sxanr

  • MD5

    22dec3659f1dd9ea4c882b981706283a

  • SHA1

    6ee4036616789bd254b359ec2a3a28f68afa9ffa

  • SHA256

    0d7928976a87aca2e705761e5b88b2c031266494af6f40c4a7840d6d3e807ec8

  • SHA512

    2f6882a4f1bedd77e9d8d3d2cc61c556aa61c7afe00f7b4a0c90b8da99ec6a3cd1fb6612c8d67cb9421e9506a5bc72484da123ca31b87b3ffef43bd15b990923

  • SSDEEP

    3072:8le+azbRPrlr9RXFfvgmJAIlwPxX/ZWOFrb:V+azbRZvuvI+PxBWOFn

Score
7/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      0d7928976a87aca2e705761e5b88b2c031266494af6f40c4a7840d6d3e807ec8

    • Size

      136KB

    • MD5

      22dec3659f1dd9ea4c882b981706283a

    • SHA1

      6ee4036616789bd254b359ec2a3a28f68afa9ffa

    • SHA256

      0d7928976a87aca2e705761e5b88b2c031266494af6f40c4a7840d6d3e807ec8

    • SHA512

      2f6882a4f1bedd77e9d8d3d2cc61c556aa61c7afe00f7b4a0c90b8da99ec6a3cd1fb6612c8d67cb9421e9506a5bc72484da123ca31b87b3ffef43bd15b990923

    • SSDEEP

      3072:8le+azbRPrlr9RXFfvgmJAIlwPxX/ZWOFrb:V+azbRZvuvI+PxBWOFn

    Score
    7/10
    discoveryspywarestealer

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks