General

  • Target

    eaacab1e707f3796e472badda56a24c6cc094ead73c92e9d05d3741859bd8225.exe

  • Size

    4.7MB

  • Sample

    241121-ky6nha1eqm

  • MD5

    a4b519b37844d51ed698216f3ce096d4

  • SHA1

    7d7c671e7fbde7913d6c5bf6bf47e763d1ceb23c

  • SHA256

    eaacab1e707f3796e472badda56a24c6cc094ead73c92e9d05d3741859bd8225

  • SHA512

    032760e9795b5e1b50fc58c1a44af96369f48905e3b1dfcf843d30c4ed011b2169e95fbc28bbaf247d3978b5ecadc10627ff684d6f8375a3f6d504978d52131c

  • SSDEEP

    98304:wVHKSERbPVHjVHKSERbPSERbPVHjVHKSERbPSERbY:U

Targets

    • Target

      eaacab1e707f3796e472badda56a24c6cc094ead73c92e9d05d3741859bd8225.exe

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
