General

  • Target

    file.exe

  • Size

    3.7MB

  • Sample

    241212-s7l98a1kgm

  • MD5

    12c766cab30c7a0ef110f0199beda18b

  • SHA1

    efdc8eb63df5aae563c7153c3bd607812debeba4

  • SHA256

    7b2070ca45ec370acba43623fb52931ee52bee6f0ce74e6230179b058fa2c316

  • SHA512

    32cad9086d9c7a8d88c3bfcb0806f350f0df9624637439f1e34ab2efffa0c273faef0c226c388ed28f07381aef0655af9e3eb3e9557cbfd2d8c915b556b1cf10

  • SSDEEP

    49152:EgwK5Nvur0t7WHcef7XKUnxMrUhiZqD35L5v+3d1isWdBcfTVC:EgtjWIt7Nk7XKUnxMrUhiq5LJ+t1ioC

Targets

    • Target

      file.exe

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

MITRE ATT&CK Enterprise v15
