General

  • Target

    b04e1eb64a329b2cc973d62e3908164e5b5ccb1f23fa3ecabfea80903c8b5ede.exe

  • Size

    2.6MB

  • Sample

    241119-wcfezaynbx

  • MD5

    0e34aa1533df12297f65bddf32ff80bb

  • SHA1

    ca6f1f568ffd8880d9b26eaa0d591058417be194

  • SHA256

    b04e1eb64a329b2cc973d62e3908164e5b5ccb1f23fa3ecabfea80903c8b5ede

  • SHA512

    f32574c44eb21d58de2a1dae202620d66ae4df69fe017b4828f657005b05a873ebe66432571737f78a4bc613121f6651fb86912e8d563719c7d83159ac4e0812

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBeB/bSG:sxX7QnxrloE5dpUpNb3

Targets

    • Target

      b04e1eb64a329b2cc973d62e3908164e5b5ccb1f23fa3ecabfea80903c8b5ede.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
