Overview

overview

8

Static

static

3

3f724bc459...a4.exe

windows7-x64

8

3f724bc459...a4.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3f724bc459e52c032e937ffabe23264c72a41f45fff733c791e63d0a34571da4

  • Size

    186KB

  • Sample

    241120-fkg1rs1ndt

  • MD5

    3bc773537140efa8ee9a743401a83fb7

  • SHA1

    3f7d384fe00be88d009118c43c3aa4679a11572c

  • SHA256

    3f724bc459e52c032e937ffabe23264c72a41f45fff733c791e63d0a34571da4

  • SHA512

    b37b50488b74e97536cceada4c39914dc3ace7a696197786efacfb26bdef9a60af0e72b040b1f42dd570508be52daed0aa72bd09f05bb5f09b57e7ce775d3a83

  • SSDEEP

    3072:2CkaY46tGNttyeQLYm1QARYLJXJoYtpA/H3RpDecC+EZX70RjLTu46R0Eb:d046tGdye41QgYLjvqXRpDecw7Kj3u4A

Score
8/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      3f724bc459e52c032e937ffabe23264c72a41f45fff733c791e63d0a34571da4

    • Size

      186KB

    • MD5

      3bc773537140efa8ee9a743401a83fb7

    • SHA1

      3f7d384fe00be88d009118c43c3aa4679a11572c

    • SHA256

      3f724bc459e52c032e937ffabe23264c72a41f45fff733c791e63d0a34571da4

    • SHA512

      b37b50488b74e97536cceada4c39914dc3ace7a696197786efacfb26bdef9a60af0e72b040b1f42dd570508be52daed0aa72bd09f05bb5f09b57e7ce775d3a83

    • SSDEEP

      3072:2CkaY46tGNttyeQLYm1QARYLJXJoYtpA/H3RpDecC+EZX70RjLTu46R0Eb:d046tGdye41QgYLjvqXRpDecw7Kj3u4A

    Score
    8/10
    discoveryspywarestealer

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks