Overview

overview

10

Static

static

10

321.exe

windows7-x64

7

321.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    321.exe

  • Size

    1.1MB

  • Sample

    240929-tfe79stfle

  • MD5

    d5bc68a04937550a6aaf9d6186c1feff

  • SHA1

    d26588a0c3724deb2e82c189ce6c57f4043e92f8

  • SHA256

    3404c194f27809c0ee40bf0b277a3cdff4438e7c4495871d00a7d7e7acfdee22

  • SHA512

    3f994388fa7c6c9883c040c8b0160e2b0ae42068d2736300c699d546a0785866cb94de46b7b2e23e59d5ece43193595a1404d78ccb3231fe8ea6d338ddec0499

  • SSDEEP

    24576:ll73m7L8JyNMqJUUvYo9lsn826q47DSuH7GJ/i+kGeO:X3m7L8YMquUvf8826q4a2GJaC7

Score
10/10
meduzacollectiondiscoveryspywarestealer

Malware Config

Targets

    • Target

      321.exe

    • Size

      1.1MB

    • MD5

      d5bc68a04937550a6aaf9d6186c1feff

    • SHA1

      d26588a0c3724deb2e82c189ce6c57f4043e92f8

    • SHA256

      3404c194f27809c0ee40bf0b277a3cdff4438e7c4495871d00a7d7e7acfdee22

    • SHA512

      3f994388fa7c6c9883c040c8b0160e2b0ae42068d2736300c699d546a0785866cb94de46b7b2e23e59d5ece43193595a1404d78ccb3231fe8ea6d338ddec0499

    • SSDEEP

      24576:ll73m7L8JyNMqJUUvYo9lsn826q47DSuH7GJ/i+kGeO:X3m7L8YMquUvf8826q4a2GJaC7

    Score
    7/10
    collectiondiscoveryspywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks