General

  • Target

    2024-11-21_ee3890b41f9ecd3eff71b8e4b5ac35fd_luca-stealer_magniber_qakbot

  • Size

    4.7MB

  • Sample

    241121-ny9a6ssjbv

  • MD5

    ee3890b41f9ecd3eff71b8e4b5ac35fd

  • SHA1

    bb3760f6214413987b35be1e3fa5b72e75df0647

  • SHA256

    e8af3b1da50eaf205a850b609433908755cb6f35e1c0d1245b538e3dc8c5c785

  • SHA512

    af3628b8de1a52b7f2fb52ae7c1e57e8fa77fc69d47b41157ea4bf39a38ceb185cd4b966f1fe34063aa22155b016a60b9147fdb39e992bf5edea9df468e03d68

  • SSDEEP

    98304:EPQEh5Wx9bqsQX+rE5Wlskps9xj9GMxE+vIwhMIQbm69CEN6rV:wxh0qsQOoJlhJhpkmIm

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
