Overview

overview

10

Static

static

10

main.exe

windows10-2004-x64

7

main.exe

windows11-21h2-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    main.exe

  • Size

    17.9MB

  • Sample

    241006-w6d41atapg

  • MD5

    9b37e42b1d4541730b4aa45d64f45084

  • SHA1

    e432db49b649d780a0f18304a791d3694474d2f5

  • SHA256

    c98f9790df37f923b425e24fb743c07346fa3322cc2e9f58eedab1cddbf3aa47

  • SHA512

    dd25d1fbc29e1399c9c5cef1f70af170c33465e2d0da65c9c3dbb8a94c6a5374f62f2c23b3c9c594f85ad6c53508981d2749896fbf82f6f90a8e011b90c6e27c

  • SSDEEP

    393216:aqPnLFXlrZQ+DOETgsvfGMfgiCITovEYT1BwfaO5chDq:vPLFXNZQ/EffrtM8aO59

Score
10/10
empyreandiscoverypersistenceprivilege_escalationpyinstallerspywarestealerupx

Malware Config

Targets

    • Target

      main.exe

    • Size

      17.9MB

    • MD5

      9b37e42b1d4541730b4aa45d64f45084

    • SHA1

      e432db49b649d780a0f18304a791d3694474d2f5

    • SHA256

      c98f9790df37f923b425e24fb743c07346fa3322cc2e9f58eedab1cddbf3aa47

    • SHA512

      dd25d1fbc29e1399c9c5cef1f70af170c33465e2d0da65c9c3dbb8a94c6a5374f62f2c23b3c9c594f85ad6c53508981d2749896fbf82f6f90a8e011b90c6e27c

    • SSDEEP

      393216:aqPnLFXlrZQ+DOETgsvfGMfgiCITovEYT1BwfaO5chDq:vPLFXNZQ/EffrtM8aO59

    Score
    7/10
    discoveryspywarestealerupxpersistenceprivilege_escalation

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks