General

  • Target

    b957636701b84764bd89ff95b5c179587b5f08a69663b89db548ea8687f587f9

  • Size

    2.6MB

  • Sample

    241120-dgrdxstpep

  • MD5

    46f2073cd4364076c502b75e34d8829e

  • SHA1

    3bf44dfe40442f7b0a4bc3eaffa054ab1649746f

  • SHA256

    b957636701b84764bd89ff95b5c179587b5f08a69663b89db548ea8687f587f9

  • SHA512

    ab684220b166397bb19bd4e2ed6ebb65bbac6987f2a4262987eb6401935e2348c65fa602bd9eefc26296b3ea70ece86b78c6ec1a348866f7cf6e2136f2e3d1c1

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBFB/bS:sxX7QnxrloE5dpUpCb

Targets

    • Target

      b957636701b84764bd89ff95b5c179587b5f08a69663b89db548ea8687f587f9

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15