General

  • Target

    f26faa8feb3af1bc8627bc381c784e98e9e4fbe76dc81723027f76db7aaa5760

  • Size

    2.6MB

  • Sample

    241120-gcr2fashjq

  • MD5

    638cd94bff692e468f5630adc5938d30

  • SHA1

    d81a542728ac0676ded0e0719c69c171ec143ab9

  • SHA256

    f26faa8feb3af1bc8627bc381c784e98e9e4fbe76dc81723027f76db7aaa5760

  • SHA512

    f5a08336781c8755e5af7efa49d695a56e3a126334bfac60196e1d000ebab2a389a260ac7b99ba0c372b4b664ad369b549d52705c6eb9ee70e41b93f04a4bc02

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBpB/bS:sxX7QnxrloE5dpUp+b

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks