Overview

overview

8

Static

static

3

ea038ad52d...08.exe

windows7-x64

8

ea038ad52d...08.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    ea038ad52d00bf5e21bec01a6037f1e74780eb276952342689ea0fd2702c9108

  • Size

    66KB

  • Sample

    240921-rsjecaxbpr

  • MD5

    243c6a5a0549cf23438fed6941855026

  • SHA1

    c19d1136a4f6dc9b35131449d9196efd2afd519f

  • SHA256

    ea038ad52d00bf5e21bec01a6037f1e74780eb276952342689ea0fd2702c9108

  • SHA512

    acbd9d1436a5b3b1c6b2199b32ac5deec21ad47988ba056f5cd0fb0057f86c935e3fdc73c4cfaf5b4fc054d0b4db93b188135901193c3e7c2cf1ea48709835a8

  • SSDEEP

    1536:PuPoaYzMXqtGNttyUn01Q78a4R8b4yzwC132n6wkj7:PhaY46tGNttyJQ7KR8b4yzjwkH

Score
8/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      ea038ad52d00bf5e21bec01a6037f1e74780eb276952342689ea0fd2702c9108

    • Size

      66KB

    • MD5

      243c6a5a0549cf23438fed6941855026

    • SHA1

      c19d1136a4f6dc9b35131449d9196efd2afd519f

    • SHA256

      ea038ad52d00bf5e21bec01a6037f1e74780eb276952342689ea0fd2702c9108

    • SHA512

      acbd9d1436a5b3b1c6b2199b32ac5deec21ad47988ba056f5cd0fb0057f86c935e3fdc73c4cfaf5b4fc054d0b4db93b188135901193c3e7c2cf1ea48709835a8

    • SSDEEP

      1536:PuPoaYzMXqtGNttyUn01Q78a4R8b4yzwC132n6wkj7:PhaY46tGNttyJQ7KR8b4yzjwkH

    Score
    8/10
    discoveryspywarestealer

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks