f12a8ae432edc459bb5572d314f46fabe296d4c7afb159e8d4dd4726233712f7 | Triage

Resubmissions

28-04-2024 10:25

240428-mgff4adh4y 7

28-04-2024 10:21

240428-md5xksdg7x 7

Sharing

General

Target

f12a8ae432edc459bb5572d314f46fabe296d4c7afb159e8d4dd4726233712f7
Size

583KB
Sample

240428-md5xksdg7x
MD5

c6c10472382655406f80eee5f80aadba
SHA1

01327b740d4181178d585c33aa795f37dd7494de
SHA256

f12a8ae432edc459bb5572d314f46fabe296d4c7afb159e8d4dd4726233712f7
SHA512

2981616b5a62da41a356f458b2a4b9c6a969097ea7b4e63e356e248fb40659bf1aa5cc870fe7b36cfc652a12742865742f130c8c0892c7cf155cb0c0858b62c0
SSDEEP

12288:dd+azbvt7a3iwbihym2g7XO3LWUQfh4Co:3BzbA+gkE2fh4Co

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  f12a8ae432edc459bb5572d314f46fabe296d4c7afb159e8d4dd4726233712f7
- Size
  
  583KB
- MD5
  
  c6c10472382655406f80eee5f80aadba
- SHA1
  
  01327b740d4181178d585c33aa795f37dd7494de
- SHA256
  
  f12a8ae432edc459bb5572d314f46fabe296d4c7afb159e8d4dd4726233712f7
- SHA512
  
  2981616b5a62da41a356f458b2a4b9c6a969097ea7b4e63e356e248fb40659bf1aa5cc870fe7b36cfc652a12742865742f130c8c0892c7cf155cb0c0858b62c0
- SSDEEP
  
  12288:dd+azbvt7a3iwbihym2g7XO3LWUQfh4Co:3BzbA+gkE2fh4Co
Score

7^/10

spyware stealer
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2