General

  • Target

    cff579e5facdd493e0b023979049f4504ffc611c352a7d97928943e61c66dd0d.exe

  • Size

    9.5MB

  • Sample

    241002-b1n2ssvbja

  • MD5

    bb85c40120dac356bfc311f4774d3439

  • SHA1

    bdcc094a88aa8971753da0c86e05c68578e5ce84

  • SHA256

    cff579e5facdd493e0b023979049f4504ffc611c352a7d97928943e61c66dd0d

  • SHA512

    d15e22befdcc9de94b68552e87d3175694e5d70cc4577d9916a523e34bbaee65991730fe71cc4075561c7247ff8d8e7126ce1b4a7f795d2fa3c7276604a32e05

  • SSDEEP

    49152:G+ACxZPpFDaaekodusejnK99nJeO+3nXn0Ext9V6qrzDTAQg0JZ+Wm+vfYM8sF1K:G+zxZxhUkIeG

Targets

    • Target

      cff579e5facdd493e0b023979049f4504ffc611c352a7d97928943e61c66dd0d.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
