General

  • Target

    04b7426e40bb63a6a1868d23080c53abe5ab22729b894f8a0878b4c7a310236fN.exe

  • Size

    2.6MB

  • Sample

    241119-xhma5svnbr

  • MD5

    abf8d205570232474cf596cb4956c5f0

  • SHA1

    607868ddc4fc8fb5bb8e40ffe433f07c6900c98b

  • SHA256

    04b7426e40bb63a6a1868d23080c53abe5ab22729b894f8a0878b4c7a310236f

  • SHA512

    f97fa691dcf07fc422548c030cda8faa9838146801afe7ca838860c657014c3d9a5928f8f1e9d1592a352755f2850bbb149e977fde9f82db7124dfee1060a475

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBKB/bS:sxX7QnxrloE5dpUp9b
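The hashes above are the only stable identifier for this sample, so before submitting a file to a sandbox or matching it against this report it is worth checking every listed digest rather than just one. The following Python is an added example, not part of the report or of any sandbox tooling: it copies the digests and SSDEEP signature from the General section above, hashes input in one pass, and reports per-algorithm agreement (a partial match means a transcription error or tampered report, not a "close enough" hit). The byte string used for the self-check is constructed and is not the sample.

```python
"""Verify a local file against the hashes listed in this report (added example).

The constants are copied from the General section of this page; the
helper functions and the test input are constructed for illustration.
"""
import hashlib

# Digests exactly as listed in the report's General section.
REPORT_HASHES = {
    "md5": "abf8d205570232474cf596cb4956c5f0",
    "sha1": "607868ddc4fc8fb5bb8e40ffe433f07c6900c98b",
    "sha256": "04b7426e40bb63a6a1868d23080c53abe5ab22729b894f8a0878b4c7a310236f",
    "sha512": (
        "f97fa691dcf07fc422548c030cda8faa9838146801afe7ca838860c657014c3d"
        "9a5928f8f1e9d1592a352755f2850bbb149e977fde9f82db7124dfee1060a475"
    ),
}
REPORT_SSDEEP = "49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBKB/bS:sxX7QnxrloE5dpUp9b"


def _new_hashers():
    return {name: hashlib.new(name) for name in REPORT_HASHES}


def hash_bytes(data: bytes) -> dict:
    """Compute md5/sha1/sha256/sha512 of an in-memory buffer in one pass."""
    hashers = _new_hashers()
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Same as hash_bytes but streams a file so a 2.6MB (or 2.6GB) PE is not read whole."""
    hashers = _new_hashers()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_to_report(digests: dict) -> dict:
    """Map each algorithm to True/False against REPORT_HASHES.

    All True: this is the reported sample. All False: a different file.
    Mixed: somebody mistyped a hash or the report was altered; treat as no match.
    """
    return {name: digests[name].lower() == value.lower()
            for name, value in REPORT_HASHES.items()}


def is_reported_sample(digests: dict) -> bool:
    return all(compare_to_report(digests).values())


def parse_ssdeep(signature: str) -> tuple:
    """Split an ssdeep signature into (block size, chunk hash, double-block chunk hash).

    The block size (49152 here) is the only part comparable by eye: two files can
    only be fuzzy-compared when their block sizes are equal or differ by a factor of two.
    """
    block, chunk, double = signature.split(":", 2)
    return int(block), chunk, double


if __name__ == "__main__":
    import sys
    for target in sys.argv[1:]:
        d = hash_file(target)
        print(target, "MATCH" if is_reported_sample(d) else "no match", compare_to_report(d))
```

Run it with one or more paths as arguments; the per-algorithm dictionary is printed so that a single disagreeing digest stands out.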

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application
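The five behaviours above are the kind of chain a detection engineer wants to reproduce from endpoint telemetry rather than from a sandbox verdict alone. The following Python is an added example and not part of the report or of any sandbox product: it runs five small rules over a constructed, EDR-style event trace (the event schema, process IDs, dropped file names and registry value name are all hypothetical) and correlates the "dropped" signatures by remembering which files the traced processes wrote. The browser paths it matches (Chrome's `Login Data`, Firefox's `logins.json`, and the like) are the well-known profile files that stealers read; the Startup folder and `CurrentVersion\Run` locations are the standard persistence points the page's last two signatures refer to.

```python
"""Behaviour triage over constructed EDR-style telemetry (added example).

The signature names mirror the sandbox findings on this page. The event
schema and every event below are constructed for illustration; they are
not the output of any real tool and not observed behaviour of the sample.
"""
import re
from collections import defaultdict

# Persistence locations the last two signatures on the page refer to.
STARTUP_DIR = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.IGNORECASE)
RUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
# Well-known browser profile artefacts that infostealers read.
BROWSER_DATA = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|Mozilla\\Firefox)\\.*\\"
    r"(Login Data|Cookies|Web Data|logins\.json|key4\.db)$",
    re.IGNORECASE,
)


def triage(events):
    """Return {signature: [evidence, ...]} for every signature that fired.

    Events are dicts with a "type" of file_create, file_read, process_create,
    image_load or reg_set (a constructed schema loosely modelled on EDR feeds).
    """
    hits = defaultdict(list)
    dropped = set()  # paths written by any process in the trace, lower-cased
    for ev in events:
        kind = ev["type"]
        if kind == "file_create":
            path = ev["path"]
            dropped.add(path.lower())
            if STARTUP_DIR.search(path):
                hits["Drops startup file"].append(path)
        elif kind == "reg_set":
            if RUN_KEY.search(ev["key"]):
                hits["Adds Run key to start application"].append(f'{ev["key"]} = {ev["value"]}')
        elif kind == "process_create":
            if ev["image"].lower() in dropped:
                hits["Executes dropped EXE"].append(ev["image"])
        elif kind == "image_load":
            lib = ev["image"]
            if lib.lower() in dropped and lib.lower().endswith(".dll"):
                hits["Loads dropped DLL"].append(lib)
        elif kind == "file_read":
            if BROWSER_DATA.search(ev["path"]):
                hits["Reads user/profile data of web browsers"].append(ev["path"])
    return dict(hits)


# --- constructed trace: hypothetical paths, not artefacts of the sample ---
SAMPLE = r"C:\Users\victim\Downloads\04b7426e40bb63a6a1868d23080c53abe5ab22729b894f8a0878b4c7a310236fN.exe"
DROP_EXE = r"C:\Users\victim\AppData\Local\Temp\payload.exe"   # hypothetical name
DROP_DLL = r"C:\Users\victim\AppData\Local\Temp\payload.dll"   # hypothetical name
STARTUP_LNK = r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.lnk"

CONSTRUCTED_TRACE = [
    {"type": "process_create", "pid": 1000, "image": SAMPLE},
    {"type": "file_create", "pid": 1000, "path": DROP_EXE},
    {"type": "file_create", "pid": 1000, "path": DROP_DLL},
    {"type": "file_create", "pid": 1000, "path": STARTUP_LNK},
    {"type": "reg_set", "pid": 1000,
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater", "value": DROP_EXE},
    {"type": "process_create", "pid": 1004, "image": DROP_EXE},
    {"type": "image_load", "pid": 1004, "image": DROP_DLL},
    {"type": "file_read", "pid": 1004,
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
]

# A benign trace: an editor starts and writes a document. Nothing should fire.
BENIGN_TRACE = [
    {"type": "process_create", "pid": 2000, "image": r"C:\Windows\System32\notepad.exe"},
    {"type": "file_create", "pid": 2000, "path": r"C:\Users\victim\Documents\notes.txt"},
    {"type": "image_load", "pid": 2000, "image": r"C:\Windows\System32\kernel32.dll"},
]

if __name__ == "__main__":
    for name, evidence in triage(CONSTRUCTED_TRACE).items():
        print(f"{name}: {evidence}")
```

The correlation is deliberately order-sensitive: a process is only "dropped" if its image path was seen being written earlier in the same trace, which is what separates "Executes dropped EXE" from any ordinary process start.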
