General

  • Target

    d034c018f4146b5c10d86c7a9839f754d3300e955372fd28e80abd850f6f5ded

  • Size

    191KB

  • Sample

    250218-jqqrmsymgs

  • MD5

    826f550207fcf20aa9539cc671dfccaf

  • SHA1

    b61b8f54e93a7f1c7b09c24f9f84245f709ff241

  • SHA256

    d034c018f4146b5c10d86c7a9839f754d3300e955372fd28e80abd850f6f5ded

  • SHA512

    89711c9c2018dfa5f076ed1ec0807f8bdf82d7ff8522aea1c659c5903a636909294fd23a5522524cd25148d9f6760412032eb899dfc7f18cde9b03f3021161a6

  • SSDEEP

    3072:8iNe+azbRPrlr9RXFvARYLJXJoYtpA/H3RpDecC+EZX70RjLTu46R0Eb:I+azbRZvJgYLjvqXRpDecw7Kj3u46db

Malware Config

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks