Overview

overview

8

Static

static

3

OperaSetup.exe

windows7-x64

7

OperaSetup.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    OperaSetup.exe

  • Size

    2.1MB

  • Sample

    241005-wg7d9ashpa

  • MD5

    c60c23101bfd86fd3f9b37e33672c0a7

  • SHA1

    2a04b8c3bc2ea5d55e32cbad1678ad9a74804563

  • SHA256

    8e582377672284cf6ea3e09b1fa5c148841d293a28bc8fc7c9115eb4e401baca

  • SHA512

    814d930efd9d82ae1be80983514ab5ec49c0c820cfbef8ed223034ad14883121653d74f5c3820b524880f806cd9afd9e01c8ce4f81277a8a0c5a16c2a742817b

  • SSDEEP

    49152:hVAbwYuCT+Ny/7wNIYNY3jfXQmaXekd+WDVk5yIxAWG:HAZZT+NE2IYOTPloec+WsTAWG

Score
8/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      OperaSetup.exe

    • Size

      2.1MB

    • MD5

      c60c23101bfd86fd3f9b37e33672c0a7

    • SHA1

      2a04b8c3bc2ea5d55e32cbad1678ad9a74804563

    • SHA256

      8e582377672284cf6ea3e09b1fa5c148841d293a28bc8fc7c9115eb4e401baca

    • SHA512

      814d930efd9d82ae1be80983514ab5ec49c0c820cfbef8ed223034ad14883121653d74f5c3820b524880f806cd9afd9e01c8ce4f81277a8a0c5a16c2a742817b

    • SSDEEP

      49152:hVAbwYuCT+Ny/7wNIYNY3jfXQmaXekd+WDVk5yIxAWG:HAZZT+NE2IYOTPloec+WsTAWG

    Score
    8/10
    discoveryspywarestealer

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks