fa3b854f0e4c0d35ca9a5647bc6935ee1e6a3920d9b951c51b2cb7bc1588c904

Sharing

Copy URL

Twitter E-mail

General

Target

SpyEye.zip
Size

1.0MB
Sample

241006-kw7g1s1blc
MD5

2e0bb844572de2e88cbd23d76101bd16
SHA1

8152e5a5187413ee20b36f4f059c47d594590a3c
SHA256

fa3b854f0e4c0d35ca9a5647bc6935ee1e6a3920d9b951c51b2cb7bc1588c904
SHA512

c2318b6bde935c9ed2410c4b508b79a7396265b2e97b788a0f32451077db1db3727a12f90471dc5b7a4974bbc7d811bbff1625457db43ae8f4881ff00e37ad40
SSDEEP

24576:xx83QwgESJLldWfsqI4/rWhZPG44yuJoy7SHoIO1:IAwg7+sqI4/OZ/To7iox1

Score

7^/10

Malware Config

Targets

- Target
  
  malware.exe
- Size
  
  145KB
- MD5
  
  15f994b0886f7d7c547e24859b991c33
- SHA1
  
  bd828f7951b7ff7193943731a79cdf466f4c8def
- SHA256
  
  df192e9020c411a26bf28d47b4eb859f5e375013ef250e46b86a930ae67d6bae
- SHA512
  
  30a1452dac94ab61313c7f0bc33a79642759363befd5b21067af7197447f5d300e37aae1eb6283e24f4b5e0a885931365273de94f63f1c88ebb8d02a4e4a7ad0
- SSDEEP
  
  3072:M3maCzqt/00KmxEYpyQxx0kerEJVpS1mcxR:M3maV/00KmxhN0kerEJomcx
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  malware.ex~
- Size
  
  68KB
- MD5
  
  2b8a408b56eaf3ce0198c9d1d8a75ec0
- SHA1
  
  7380159e70ae03d02b33353112fb2011cbe4b87c
- SHA256
  
  966ba7601becffb361a55f02d02fc129903d19be45e793946361383106f521da
- SHA512
  
  2a0a721d2d36a89ce25ef26968fa5443e53d7b0ee8bce48ada26f2578b8b6fa879e22be1a1efb219c712ca41a4f233b222536b3ec0b2a0bd39b21084b82f6848
- SSDEEP
  
  1536:G2G9N3OmJcaNvYCXna0iHDqA00H8/V9/PSE39Gm1e:Gp/OmJUNzDT00cXKE39dQ
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  malware.exe
- Size
  
  80KB
- MD5
  
  0f37839f48f7fc77e6d50e14657fb96e
- SHA1
  
  35698c61ad232ff90c5812372d23971118ea37cd
- SHA256
  
  f097ad77b99b3744994a646d6a3577cea2faa8b9e656fcccbbd73244e227c850
- SHA512
  
  72bf97c978cd4319198ac5a379d224ddc90e471251e9d817a2fe9ab362cbaab9f5f6647f2261689ddd8f340cce04e602e38faf907ac543ee5d4ad7ef23e3cbd5
- SSDEEP
  
  1536:CtX20yVt4dA3bfyF6FwfxQ8WPmNgPez/FpaWD0i2CVyPBQcc0WYQirQ9Z:eZ0u6LBqJdWPdPezTmiRmiQ8irQH
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral5 behavioral6
- Target
  
  malware.ex~
- Size
  
  66KB
- MD5
  
  5942ba36cf732097479c51986eee91ed
- SHA1
  
  7cddef600cdae3890bbe2a2587e44de11bbc57bb
- SHA256
  
  9459b0d6f7cdec6860c458944386896f78cb60befdd04fbeab0df5b6661a3f81
- SHA512
  
  dcbcc98bc4d120cdbb0846abc9c2ab621b993f116aaccfec12812ebb3f42f9584e66f87d717327ec6955fa3d18f56444f16c8de39fbafdeb857cf285f24532c4
- SSDEEP
  
  1536:jDfWNrkKt4O2igKFicCR7fb/C7EchKmPKrjCKsOB0YxIma:jDfgj4OoICRvCwtZKOqCxa
Score

5^/10

upx discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  malware.exe
- Size
  
  147KB
- MD5
  
  cefbe57fb29cbd911b28e1d9a8918ab0
- SHA1
  
  c0c93f1afc0985fda540f8292f323d40f00c3198
- SHA256
  
  9e72e4553bb8d724c3b625ece13632f26f1e9bebdad61ffeeb38ea5fab14b118
- SHA512
  
  97ec327558d8c9a2551db02cd81cd4354d0831925f7e193b5036d21a601f764a48cffca05d59bf329d7fdea7c66e1c53eb00bcb30d6fe95dcc6bf74ab2806f20
- SSDEEP
  
  3072:vCgR4N2ApH77yU06Y0a+rkaOQ7n4EXhMpe:6gR4NT0Z0aZah7n/hME
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral10 behavioral9
- Target
  
  malware.ex~
- Size
  
  133KB
- MD5
  
  7779f923da8c1418764fecc7d1ba86cf
- SHA1
  
  1dca672c62538457be0cfbccb6880c09d64d55b3
- SHA256
  
  664a551f2dfb0cebf3d17d80e60d6fccf82b6b7f0dfeb0b8b715810e93555c01
- SHA512
  
  747f50c3f42d23f397243d7f51652cef787ee385ebd561a6bd67afe5f7ca0229b278ecd6e957bc7fa666b061aaed9464cf1f027b92eaa28b7eef5ee7b02c02a8
- SSDEEP
  
  3072:oBCtQr2DkD0lRLb+4hLTyU06Y0a+rkaOQ7n4EXhMpe:oCQrZD0XRh0Z0aZah7n/hME
Score

5^/10

upx discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral11 behavioral12
- Target
  
  malware.exe
- Size
  
  123KB
- MD5
  
  84714c100d2dfc88629531f6456b8276
- SHA1
  
  ecce2684f143b02fc187a4a6af22f1e9ed6c2c6f
- SHA256
  
  861aa9c5ddcb5284e1ba4e5d7ebacfa297567c353446506ee4b4e39c84454b09
- SHA512
  
  f5aa29698821747adb66d5c414958c4dfa82346ddb23b3b517eddcd36af90adf346527611c697022bf54f0da4410bc326d67ced3ebe4cca7e5be8f77bdcd9604
- SSDEEP
  
  1536:k27ySIQJlLCzvOkzFf7y4gp5yWvAasTjny4n9V+i1tM5fZ8an8QpEpq:x1IQlLC7RzllWvAasrXbSj8aEI
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  malware.exe
- Size
  
  114KB
- MD5
  
  4fcf540bd465177ee03e6d798ad162f0
- SHA1
  
  8464065bca2b577ff861585f03ec42f443dc38c3
- SHA256
  
  2cc636f4a1e76bd05ddc3c4cbdc8b2b848424d01146ae698e398795895007b77
- SHA512
  
  c36789e362b9d5e5756caa8e9d52fdd6ff8632927bdc9d694c0a316a902a68691ec32634d45331ae8ff816cf5cb3ac1756c8eb3a510a5f98ac6a6abbeaf4725f
- SSDEEP
  
  3072:slWhLIfG/dcG2aGp62L/uPddR0rAXR9C2G:slg5e62Tut0rQRt
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral15 behavioral16
- Target
  
  malware.ex~
- Size
  
  55KB
- MD5
  
  97c73a29ab07f04458f5e8834f8db1ba
- SHA1
  
  171565913cf53864c0ba1ff9dc414ed6ac473662
- SHA256
  
  a7b061a30f875be1de8994084f2935175ccb4edce87a88fc4430c63e0f738376
- SHA512
  
  44288cf1167e72ff6c6895a70691dbe8420d7287ae9908955188a1e9e1acdf45f5d80ecf0fc5bc327d02579c9418d051ac1a389125480b0471a57bfaf8c722c8
- SSDEEP
  
  768:lPM/cDO4+7RL22jCTkH6FjHcEXjjkWDefrdUYpeRo52jZ2qVsignKk9:t8cDOXFnaeejjzD0rdooEwqVLwKk9
Score

7^/10

discovery upx
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

UPX packed file

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

UPX packed file

Executes dropped EXE

Loads dropped DLL

UPX packed file

Executes dropped EXE

Loads dropped DLL

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18