7ca4702709ff125a7ec1e503b4358a3a8cb5cc282f57b262589e5c113c461b83 | Triage

Submit
Reports

Overview

overview

Static

static

3

OurHack2.0.exe

windows10-2004-x64

Sharing

General

Target

OurHack2.0.exe
Size

424KB
Sample

240701-nehdca1hpm
MD5

4a1213a8c757f3c6c02e098e6a6b99c3
SHA1

4865d8f010a0929f3dabc631875699738b2c3e7b
SHA256

7ca4702709ff125a7ec1e503b4358a3a8cb5cc282f57b262589e5c113c461b83
SHA512

1613e0ae56a57a6e7935f4e7166c3c4e5b2a5683eb685d136fd32677e8c6f316d16c70064ba13e1101b6477f4fee68864358e091e0e7ab66b30e304b7c8d87c0
SSDEEP

12288:pzDTo+c8NlvH0tGJjeM5u8v+VmlE2GLJ0uQ:9xbP0tkaM5Rwm62001

Score

10^/10

collection spyware stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

OurHack2.0.exe

Resource

win10v2004-20240611-en

collection spyware stealer upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Credentials

Protocol: ftp
Host:
files.000webhost.com
Port:
21
Username:
kgarbuz2000

Targets

- Target
  
  OurHack2.0.exe
- Size
  
  424KB
- MD5
  
  4a1213a8c757f3c6c02e098e6a6b99c3
- SHA1
  
  4865d8f010a0929f3dabc631875699738b2c3e7b
- SHA256
  
  7ca4702709ff125a7ec1e503b4358a3a8cb5cc282f57b262589e5c113c461b83
- SHA512
  
  1613e0ae56a57a6e7935f4e7166c3c4e5b2a5683eb685d136fd32677e8c6f316d16c70064ba13e1101b6477f4fee68864358e091e0e7ab66b30e304b7c8d87c0
- SSDEEP
  
  12288:pzDTo+c8NlvH0tGJjeM5u8v+VmlE2GLJ0uQ:9xbP0tkaM5Rwm62001
Score

10^/10

collection spyware stealer upx
- NirSoft MailPassView
  Password recovery tool for various email clients
- NirSoft WebBrowserPassView
  Password recovery tool for various web browsers
- Nirsoft
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Accesses Microsoft Outlook accounts
  collection
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

collectionspywarestealerupx

© 2018-2024

Terms | Privacy