73a97b147022c0f2f81ea263a4923b4cc63e6707b712be1eea87c2245cbe8c58 | Triage

Submit
Reports

Overview

overview

7

Static

static

qZX2UobMvgJ184T.exe

windows7_x64

7

qZX2UobMvgJ184T.exe

windows10_x64

7

Sharing

General

Target

qZX2UobMvgJ184T.exe
Size

399KB
Sample

200630-zg4zep9nn6
MD5

769241d6ba1735a877ac58e349797f7d
SHA1

3e8e2c2cf760a98011a91f512921aa9d9687a57c
SHA256

73a97b147022c0f2f81ea263a4923b4cc63e6707b712be1eea87c2245cbe8c58
SHA512

97f62be43f9b8d2c0726a73f058b048ca5a190f4f1d8f40f19920cf6da669f97d134008b53ed00869444b0c9e6399e5e2be5d0f4df5b500aea09879a4da3ede2

Score

7^/10

spyware

Static task

static1

Behavioral task

behavioral1

Sample

qZX2UobMvgJ184T.exe

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

qZX2UobMvgJ184T.exe

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  qZX2UobMvgJ184T.exe
- Size
  
  399KB
- MD5
  
  769241d6ba1735a877ac58e349797f7d
- SHA1
  
  3e8e2c2cf760a98011a91f512921aa9d9687a57c
- SHA256
  
  73a97b147022c0f2f81ea263a4923b4cc63e6707b712be1eea87c2245cbe8c58
- SHA512
  
  97f62be43f9b8d2c0726a73f058b048ca5a190f4f1d8f40f19920cf6da669f97d134008b53ed00869444b0c9e6399e5e2be5d0f4df5b500aea09879a4da3ede2
Score

7^/10

spyware
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy