Overview

overview

7

Static

static

3

69d2a08e04...6f.exe

windows7-x64

7

69d2a08e04...6f.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    69d2a08e048d3876f7f97b7dbe8b111fcf777e3ce7207d14e1749b25ccea1a6f.exe

  • Size

    2.6MB

  • Sample

    241121-h9yqxsyhrd

  • MD5

    2195ba47dd55c6c9200fb465c08c66bf

  • SHA1

    74c6227df42fc2aa90767372d01048be800c71b8

  • SHA256

    69d2a08e048d3876f7f97b7dbe8b111fcf777e3ce7207d14e1749b25ccea1a6f

  • SHA512

    b05e8d0212d4db01385b80fc15157265f4913648e4c6406416fa7044f6df237996aa32db5473efb28bec0ce9cf60a45e4524358303244c6237292fbe474b2d23

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBDB/bSqN:sxX7QnxrloE5dpUpwbVN

Score
7/10
discoverypersistencespywarestealer

Malware Config

Targets

    • Target

      69d2a08e048d3876f7f97b7dbe8b111fcf777e3ce7207d14e1749b25ccea1a6f.exe

    • Size

      2.6MB

    • MD5

      2195ba47dd55c6c9200fb465c08c66bf

    • SHA1

      74c6227df42fc2aa90767372d01048be800c71b8

    • SHA256

      69d2a08e048d3876f7f97b7dbe8b111fcf777e3ce7207d14e1749b25ccea1a6f

    • SHA512

      b05e8d0212d4db01385b80fc15157265f4913648e4c6406416fa7044f6df237996aa32db5473efb28bec0ce9cf60a45e4524358303244c6237292fbe474b2d23

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBDB/bSqN:sxX7QnxrloE5dpUpwbVN

    Score
    7/10
    discoverypersistencespywarestealer

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks