General

  • Target

    06e8f3eb7b16d7bc4c39a670f2db16a6bfd084e78927ec0ee76293e443ddc915

  • Size

    2.6MB

  • Sample

    241014-sr3x2avhpp

  • MD5

    ff22de3cc0177bea8c011f6e7793a1d8

  • SHA1

    369030f32fa3882a8786d30d2f87d5aef5cad748

  • SHA256

    06e8f3eb7b16d7bc4c39a670f2db16a6bfd084e78927ec0ee76293e443ddc915

  • SHA512

    4ac88369a0d1e6374995e81b8a4e2430b76608200533790cc1aed222f9f1283e58c391767ba9ef967f97845d1df91d32c9ec448e47faea86495e209e38d8bb5c

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBHB/bS:sxX7QnxrloE5dpUp8b

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks