General

  • Target

    Cleaner (1).exe

  • Size

    6.0MB

  • Sample

    241126-a2zz1svmc1

  • MD5

    0ccec651d8bba5994aa039f5a9af46b6

  • SHA1

    002427c48cbc4e64ff5a901f9b89abf7cef7e942

  • SHA256

    c5cfe062d0895b2bd6621e06da7ee7e030de2e85f1fc2be62d734ce694bb29bf

  • SHA512

    925b5a7f321e7dc37ad6275e38ddf54d4dee3c78c6735c40ede18ee0f831b6831edea5e898f174993e14f167ef54e22796eaac7b8444eb502679a788ec22ad83

  • SSDEEP

    98304:qjQzPx3jrd/pJt5hkgpvmzJikw7Q+p0bkKefSfF2UgqzVEo8snr4unLnM/lVJh8n:qs3jrFpJt5hku+zJiJM+iwKefM3RvZse

Targets

    • Target

      Cleaner (1).exe

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other data.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger
