General

  • Target

    18b675f086197caddce60836404da709b16cbaaa4a5f9d5d5b9050abd900c797N.exe

  • Size

    3.0MB

  • Sample

    241121-nj9y6a1elb

  • MD5

    a3c8988181930c0cb239f600ea216c30

  • SHA1

    5680c4ba928c769ef5a807d3f81b6e3f7c61817d

  • SHA256

    18b675f086197caddce60836404da709b16cbaaa4a5f9d5d5b9050abd900c797

  • SHA512

    897ec44ab4188d89fb0a945abc32ca2f8d3cc81b1a1509c36524938345cf67a229ce05e163842be328289b832c6044a763722594fd3da654f797e0a18984ebd6

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBaB/bSqz8b6LNX:sxX7QnxrloE5dpUp9bVz8eLF

Malware Config

Targets

    • Target

      18b675f086197caddce60836404da709b16cbaaa4a5f9d5d5b9050abd900c797N.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks