General

  • Target

    d8cf048d08b89b6116bce234425d3618bfcb49967626b88d22c6488a9d841177

  • Size

    93KB

  • Sample

    241004-dppv3a1erm

  • MD5

    fe5d66c246360c3789b5c6f4aa16949d

  • SHA1

    3deed08567554ea019fea5364f4b246ddc46d80f

  • SHA256

    d8cf048d08b89b6116bce234425d3618bfcb49967626b88d22c6488a9d841177

  • SHA512

    a5cd2d2ba07e48992c6ca28a16a69a7d941d665ef9264ea901a4a3a9959301ca41752872008fcc72c84a16b86cd3b24cd1c3bf273bd4d345b27bc3fcf5aa37bf

  • SSDEEP

    1536:2wvaYzMXqtGNttyeiZnZLYm1byapmebn4ddJZeY86iLflLJYEIs67rxo:2wvaY46tGNttyeQLYm1WLK4ddJMY86iL
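Before relying on this report for a file you have in hand, confirm the file is the same artifact by recomputing every listed digest and comparing it against the values above. The script below is an added example and is not part of the sandbox report or its tooling; the hash constants are copied from the General section, and the file path, chunk size and function names are the author's own choices.

```python
"""Added example: recompute the hash set listed in the report and check a file on
disk against it (md5, sha1, sha256, sha512). Not code from the sandbox."""
import hashlib

# Digest values copied from the report's General section.
REPORTED = {
    "md5": "fe5d66c246360c3789b5c6f4aa16949d",
    "sha1": "3deed08567554ea019fea5364f4b246ddc46d80f",
    "sha256": "d8cf048d08b89b6116bce234425d3618bfcb49967626b88d22c6488a9d841177",
    "sha512": "a5cd2d2ba07e48992c6ca28a16a69a7d941d665ef9264ea901a4a3a9959301ca"
              "41752872008fcc72c84a16b86cd3b24cd1c3bf273bd4d345b27bc3fcf5aa37bf",
}


def hash_bytes(data: bytes) -> dict:
    """Return the hex digests of `data` for every algorithm in REPORTED."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file in chunks so a large sample need not be read into memory at once."""
    hashers = {name: hashlib.new(name) for name in REPORTED}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def check_against_report(digests: dict, reported: dict = REPORTED) -> list:
    """Return the names of the algorithms whose digest differs from the report.

    An empty list means every listed digest matched; a partial mismatch (for
    example md5 matching but sha256 not) would indicate a tampered or
    mislabelled file and should be treated as a mismatch, not a coincidence.
    """
    return [name for name in reported if digests.get(name) != reported[name]]


if __name__ == "__main__":
    import sys

    # Assumed argument: path to the candidate file (e.g. a quarantined copy).
    target = sys.argv[1] if len(sys.argv) > 1 else "sample.bin"
    mismatches = check_against_report(hash_file(target))
    print("MATCH" if not mismatches else "MISMATCH on " + ", ".join(mismatches))
```

The SSDEEP value is left out of the check because fuzzy hashing is not in Python's standard library; compare it separately with the ssdeep tool if you need a similarity score rather than an exact match.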

Malware Config

Targets

    • Target

      d8cf048d08b89b6116bce234425d3618bfcb49967626b88d22c6488a9d841177

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
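The signature names above are the sandbox's labels for observed behaviour; the report does not publish its matching rules. The script below is an added example, not the sandbox's own logic, that shows how each of the seven signatures can be derived from a stream of file-system events recorded during detonation. The event tuples, the sample's image path, the directory patterns and the function names are all constructed for illustration and are not taken from the report.

```python
"""Added example: derive the report's behaviour signatures from a constructed
file-event trace. The matching rules are this author's approximations, not the
sandbox's own, and the events below are made up for the demonstration."""
import re

# Assumed image path of the detonated sample (constructed, not from the report).
SAMPLE_IMAGE = r"C:\Users\Admin\AppData\Local\Temp\sample.exe"

# Constructed trace: (operation, path). Operations used: create, read, exec,
# load, delete. Order matters: a path only counts as "dropped" once created.
SAMPLE_EVENTS = [
    ("create", r"C:\Windows\System32\drivers\dropped.sys"),
    ("create", r"C:\Users\Admin\AppData\Roaming\Microsoft\Windows"
               r"\Start Menu\Programs\Startup\dropped.exe"),
    ("exec",   r"C:\Users\Admin\AppData\Roaming\Microsoft\Windows"
               r"\Start Menu\Programs\Startup\dropped.exe"),
    ("create", r"C:\Users\Admin\AppData\Local\Temp\helper.dll"),
    ("load",   r"C:\Users\Admin\AppData\Local\Temp\helper.dll"),
    ("load",   r"C:\Windows\System32\kernel32.dll"),  # system DLL, not dropped
    ("read",   r"C:\Users\Admin\AppData\Local\Google\Chrome\User Data"
               r"\Default\Login Data"),
    ("read",   "C:\\"),  # root of the default drive: not counted
    ("read",   "D:\\"),  # root of a second drive: counted
    ("delete", SAMPLE_IMAGE),
]

# Path patterns (assumed locations; matched case-insensitively on Windows paths).
DRIVERS_DIR = re.compile(r"\\windows\\system32\\drivers\\", re.I)
STARTUP_DIR = re.compile(r"\\start menu\\programs\\startup\\", re.I)
BROWSER_DATA = re.compile(r"\\(google\\chrome|mozilla\\firefox|microsoft\\edge)\\", re.I)
DRIVE_ROOT = re.compile(r"^([a-z]):\\$", re.I)


def match_signatures(events, sample_image):
    """Return the sorted set of signature names triggered by `events`."""
    dropped = set()  # paths the sample created, lower-cased
    hits = set()
    own_image = sample_image.lower()
    for op, path in events:
        p = path.lower()
        if op == "create":
            dropped.add(p)
            if DRIVERS_DIR.search(p):
                hits.add("Drops file in Drivers directory")
            if STARTUP_DIR.search(p):
                hits.add("Drops startup file")
        elif op == "exec" and p in dropped and p.endswith(".exe"):
            hits.add("Executes dropped EXE")
        elif op == "load" and p in dropped and p.endswith(".dll"):
            hits.add("Loads dropped DLL")
        elif op == "delete" and p == own_image:
            hits.add("Deletes itself")
        elif op == "read":
            if BROWSER_DATA.search(p):
                hits.add("Reads user/profile data of web browsers")
            m = DRIVE_ROOT.match(p)
            if m and m.group(1).lower() != "c":
                hits.add("Enumerates connected drives")
    return sorted(hits)


if __name__ == "__main__":
    for name in match_signatures(SAMPLE_EVENTS, SAMPLE_IMAGE):
        print(name)
```

Two details worth noting: "Executes dropped EXE" and "Loads dropped DLL" are only raised for paths the sample itself created earlier in the trace, so loading kernel32.dll does not count, and "Enumerates connected drives" ignores the C: root exactly as the signature description says.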

MITRE ATT&CK Enterprise v15

Tasks