564d2ed4dfac032f6c36bba7778cf9165ba31b2c23554f2d52b433144117dd9d | Triage

Sharing

General

Target

564d2ed4dfac032f6c36bba7778cf9165ba31b2c23554f2d52b433144117dd9d
Size

2.6MB
Sample

240428-k73yzacd89
MD5

819677edb665cb558559a8924a34ceb7
SHA1

cf6503d3544652a9588a0a410d739777d2cec135
SHA256

564d2ed4dfac032f6c36bba7778cf9165ba31b2c23554f2d52b433144117dd9d
SHA512

e3d09dbcf33cabcaee25d526ba41171ed75744d88af11158e5d5d65e79f45be9dae23b1514ce15845e983401014a23f851f9189dc7d7baa562ef8716d280e612
SSDEEP

49152:EAo0C8MlEjZp0tLSYBZew6cvQ09E5pXhEQTZ1lsc47v0dauuN1BFc7Bg6:7RdZpMxBZewrV9+e0dapN1ByB

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  564d2ed4dfac032f6c36bba7778cf9165ba31b2c23554f2d52b433144117dd9d
- Size
  
  2.6MB
- MD5
  
  819677edb665cb558559a8924a34ceb7
- SHA1
  
  cf6503d3544652a9588a0a410d739777d2cec135
- SHA256
  
  564d2ed4dfac032f6c36bba7778cf9165ba31b2c23554f2d52b433144117dd9d
- SHA512
  
  e3d09dbcf33cabcaee25d526ba41171ed75744d88af11158e5d5d65e79f45be9dae23b1514ce15845e983401014a23f851f9189dc7d7baa562ef8716d280e612
- SSDEEP
  
  49152:EAo0C8MlEjZp0tLSYBZew6cvQ09E5pXhEQTZ1lsc47v0dauuN1BFc7Bg6:7RdZpMxBZewrV9+e0dapN1ByB
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2