c82e474e76b1641ab73aafe25ebe9f509a27997a3d4e76015c5eabca15acdc63 | Triage

Submit
Reports

Overview

overview

8

Static

static

Factura de pago.exe

windows7_x64

8

Factura de pago.exe

windows10_x64

8

Sharing

General

Target

Factura de pago.exe
Size

798KB
Sample

200630-dc8lpcqb92
MD5

3c409356f954ac50a25de19954bbf681
SHA1

6e3a4701d83d60e703c5641ce209a3cc61875bb1
SHA256

c82e474e76b1641ab73aafe25ebe9f509a27997a3d4e76015c5eabca15acdc63
SHA512

815a920e7168cd56e23012d2e00e887abf79c5f4d2b9c8ff4d47bc1777f00f62478d189062e949b72aa53db3ba87be69ed2a7db52a8b27ec1e944a635dfc6daf

Score

8^/10

spyware

Static task

static1

Behavioral task

behavioral1

Sample

Factura de pago.exe

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Factura de pago.exe

Resource

win10v200430

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Factura de pago.exe
- Size
  
  798KB
- MD5
  
  3c409356f954ac50a25de19954bbf681
- SHA1
  
  6e3a4701d83d60e703c5641ce209a3cc61875bb1
- SHA256
  
  c82e474e76b1641ab73aafe25ebe9f509a27997a3d4e76015c5eabca15acdc63
- SHA512
  
  815a920e7168cd56e23012d2e00e887abf79c5f4d2b9c8ff4d47bc1777f00f62478d189062e949b72aa53db3ba87be69ed2a7db52a8b27ec1e944a635dfc6daf
Score

8^/10

spyware
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy