47c3e2cfc4ebfbd1e42a10ef26e7b9f7e798f36172511cc5b59be84ed2950dfb | Triage

Submit
Reports

Overview

overview

7

Static

static

3

47c3e2cfc4...fb.exe

windows7-x64

7

47c3e2cfc4...fb.exe

windows10-2004-x64

7

Sharing

General

Target

47c3e2cfc4ebfbd1e42a10ef26e7b9f7e798f36172511cc5b59be84ed2950dfb
Size

1.8MB
Sample

240428-smwm6aae83
MD5

024a5fde7251708f7932686d0a34de35
SHA1

5ba8ab10f6b80cf96e351f2f95fd93241c47e8c3
SHA256

47c3e2cfc4ebfbd1e42a10ef26e7b9f7e798f36172511cc5b59be84ed2950dfb
SHA512

5885d22f1280d07c950edbba67108c8c9b17affcc75f8b2c57f53b9eced64e13cd030d57224d47fbcd6874a4edc621595ee9333bf8cd6cead29e94502cbe3e98
SSDEEP

49152:Dx5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAUYjyJVJyNfyPtYuTt3eIM:DvbjVkjjCAzJFYjQHiqPtXBeIM

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

47c3e2cfc4ebfbd1e42a10ef26e7b9f7e798f36172511cc5b59be84ed2950dfb.exe

Resource

win7-20240419-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

47c3e2cfc4ebfbd1e42a10ef26e7b9f7e798f36172511cc5b59be84ed2950dfb.exe

Resource

win10v2004-20240419-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  47c3e2cfc4ebfbd1e42a10ef26e7b9f7e798f36172511cc5b59be84ed2950dfb
- Size
  
  1.8MB
- MD5
  
  024a5fde7251708f7932686d0a34de35
- SHA1
  
  5ba8ab10f6b80cf96e351f2f95fd93241c47e8c3
- SHA256
  
  47c3e2cfc4ebfbd1e42a10ef26e7b9f7e798f36172511cc5b59be84ed2950dfb
- SHA512
  
  5885d22f1280d07c950edbba67108c8c9b17affcc75f8b2c57f53b9eced64e13cd030d57224d47fbcd6874a4edc621595ee9333bf8cd6cead29e94502cbe3e98
- SSDEEP
  
  49152:Dx5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAUYjyJVJyNfyPtYuTt3eIM:DvbjVkjjCAzJFYjQHiqPtXBeIM
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy