General

  • Target

    file.exe

  • Size

    1.1MB

  • Sample

    240927-s9x5hasdqa

  • MD5

    0013399a6a9ab2e3fb25451ed658daa1

  • SHA1

    77731500657e6658c6d1b4d09de3fae4f756efef

  • SHA256

    0646980e8e68974948861e60bd4497d17464da101ec697241ba8ea96d86d22c6

  • SHA512

    3e5a3df2aa90b429fd0a37cc9a02140e3d2324d1291fbd32452260c9374afbaf7243dd59d4a2e1964bfb9ce7474eee89d349648ca80da35c24f52ec9664e18b4

  • SSDEEP

    24576:7BZ3miL8zJa5e9AISUzOL9A5q9IbwQmzXrbv4nlxlGfGeIVuj:j3miL8Me9AISUzCDewQ0X4g+eIVu

Targets

    • Target

      file.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses Microsoft Outlook profiles

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
