Overview

overview

7

Static

static

3

OperaGXSetup.exe

windows11-21h2-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    OperaGXSetup.exe

  • Size

    3.8MB

  • Sample

    250125-c2y4ts1mfw

  • MD5

    8decf1a7f7f888f72d81104c428ea5f3

  • SHA1

    45508acabb009c8877d86bbb931c5f27b22a748f

  • SHA256

    e60c452bf67bb4ea722a1616347102a1870c9c140976045d88e365f1304d73a0

  • SHA512

    77ea49f934d0ff76e6767911a63a942d040321723548b6ac6aca48d072118b8eeb0eaf596ec2450c4f874fee880125345e6264a98056d1123a8f8b88e5eff4ce

  • SSDEEP

    98304:SAUnubuV70ftsOmh+xUYOfxVkvXbd1YSouYBA1pm/VrB2:oD0fts+eZfiXbfYJuD1pmz2

Score
7/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      OperaGXSetup.exe

    • Size

      3.8MB

    • MD5

      8decf1a7f7f888f72d81104c428ea5f3

    • SHA1

      45508acabb009c8877d86bbb931c5f27b22a748f

    • SHA256

      e60c452bf67bb4ea722a1616347102a1870c9c140976045d88e365f1304d73a0

    • SHA512

      77ea49f934d0ff76e6767911a63a942d040321723548b6ac6aca48d072118b8eeb0eaf596ec2450c4f874fee880125345e6264a98056d1123a8f8b88e5eff4ce

    • SSDEEP

      98304:SAUnubuV70ftsOmh+xUYOfxVkvXbd1YSouYBA1pm/VrB2:oD0fts+eZfiXbfYJuD1pmz2

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks