Overview

overview

8

Static

static

3

e404f209fb...1c.exe

windows7-x64

8

e404f209fb...1c.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e404f209fb43a16bcc1cd873641c31a9cd0e604928d28b2a9b6f9862a99ebc1c

  • Size

    318KB

  • Sample

    241120-fjl84a1nbx

  • MD5

    20a173c16e96e74dd72d4c1f007dde02

  • SHA1

    2b3793d27a10a79a48b60117a6f61e4edd3a0971

  • SHA256

    e404f209fb43a16bcc1cd873641c31a9cd0e604928d28b2a9b6f9862a99ebc1c

  • SHA512

    6c2631e081d69bfae4d9593f6ce939a9a0fd6af6d08487ef1f56cbc30d498a72ff5711638ec49ebef988bb1d026ff314c51eb8ae6a7bbefebf6e73f73e294e68

  • SSDEEP

    6144:F8xKWjsObiZKDAX0jH0o2zq9DmQ3LOotL4gr:FW9biZKm4H8zq9Fjtdr

Score
8/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      e404f209fb43a16bcc1cd873641c31a9cd0e604928d28b2a9b6f9862a99ebc1c

    • Size

      318KB

    • MD5

      20a173c16e96e74dd72d4c1f007dde02

    • SHA1

      2b3793d27a10a79a48b60117a6f61e4edd3a0971

    • SHA256

      e404f209fb43a16bcc1cd873641c31a9cd0e604928d28b2a9b6f9862a99ebc1c

    • SHA512

      6c2631e081d69bfae4d9593f6ce939a9a0fd6af6d08487ef1f56cbc30d498a72ff5711638ec49ebef988bb1d026ff314c51eb8ae6a7bbefebf6e73f73e294e68

    • SSDEEP

      6144:F8xKWjsObiZKDAX0jH0o2zq9DmQ3LOotL4gr:FW9biZKm4H8zq9Fjtdr

    Score
    8/10
    discoveryspywarestealer

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks