Overview

overview

7

Static

static

3

aha.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aha.exe

  • Size

    102.5MB

  • Sample

    240701-wwe9basbnf

  • MD5

    79187d15d6576c85a3f0ce7d5ae4f7fa

  • SHA1

    94875f87433095632e4dfe7c1b37c392bd2ad8cd

  • SHA256

    c944edfc39d7e618f5beb358f821ad51870771166c83a98519dd6542650c36cd

  • SHA512

    2d7e2438878dffc07fe8424ef4382fcb1c88dc8a68bd4e81ddb5f5e7fa9f4990d00795adfc186e8827efe1ac53b4e15d9ad00f0f270be03c10c44f5739b75c16

  • SSDEEP

    3145728:MUqgYRPSC++6y9JkRXX5M3gbcKCmU2qHO5iVf6jUEk:pqxaC4y9OBE2CmUHCixuU

Score
7/10
pyinstallerspywarestealer

Malware Config

Targets

    • Target

      aha.exe

    • Size

      102.5MB

    • MD5

      79187d15d6576c85a3f0ce7d5ae4f7fa

    • SHA1

      94875f87433095632e4dfe7c1b37c392bd2ad8cd

    • SHA256

      c944edfc39d7e618f5beb358f821ad51870771166c83a98519dd6542650c36cd

    • SHA512

      2d7e2438878dffc07fe8424ef4382fcb1c88dc8a68bd4e81ddb5f5e7fa9f4990d00795adfc186e8827efe1ac53b4e15d9ad00f0f270be03c10c44f5739b75c16

    • SSDEEP

      3145728:MUqgYRPSC++6y9JkRXX5M3gbcKCmU2qHO5iVf6jUEk:pqxaC4y9OBE2CmUHCixuU

    Score
    7/10
    spywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks