General
-
Target
SecuriteInfo.com.Win32.MalwareX-gen.1879.5700.exe
-
Size
7.0MB
-
Sample
241105-f1e64svhjb
-
MD5
bcce9eb019428cf2cc32046b9a9f024c
-
SHA1
5464ad73e2321959a99301c38bf8d3c53f0565f1
-
SHA256
f2c4f0c152acbb4a8e575e6095fc84b6df932e114c4f2a32a69d1ed19c1a55f7
-
SHA512
55932437926ddda92b949a532de464e471b5ba7fad3667451dc748ff79a0bd9b2549e91199d03ebd01dcb85033ff0e2a7a0dfd99f9c56c037ae0ec75b7c9740f
-
SSDEEP
49152:kL5HL+DFju/m+4jFWIvB3lhyPeGwGJiPqfsJMefqeYhYWMlHmKebuEUw/yJB2sa:kLFle+HIJVhyPMUiyEJpvWK+U
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.MalwareX-gen.1879.5700.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.MalwareX-gen.1879.5700.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Win32.MalwareX-gen.1879.5700.exe
Score
8/10
-
Uses browser remote debugging
Can be used to control the browser and steal sensitive information such as credentials and session cookies.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Persistence
Modify Authentication Process 1
Scheduled Task/Job 1
Scheduled Task 1
Credential Access
Credentials from Password Stores 1
Credentials from Web Browsers 1
Modify Authentication Process 1
Steal Web Session Cookie 1
Unsecured Credentials 1
Credentials In Files 1