General

  • Target

    d8ab9ebf707dee220743fa1293f73e0bfb45d78c003e2e728725a3e07f31d2b9N

  • Size

    2.6MB

  • Sample

    241014-gsgkmsvfkq

  • MD5

    6497167a9c4cf62b3972ac316c81efe0

  • SHA1

    12ab5c74061f86b69075b33a3b18db16ce762fb6

  • SHA256

    d8ab9ebf707dee220743fa1293f73e0bfb45d78c003e2e728725a3e07f31d2b9

  • SHA512

    4aa33235dec84006930488324dbaf5b7be8d3eb5f9da1fce36326fc7fc5dbd81b81ffef642d38f35af290e1c191c48d46f9d31389775dc156fe1bbaba10e9cf8

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBdB/bSq:sxX7QnxrloE5dpUpibV

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application
