178cf2e50182606e000719ee8b7caa9c620950155542d10de6dd7eb5a2a34d01 | Triage

Sharing

General

Target

d5c5b23355fd928c660358f5ca0ae439.exe
Size

312KB
Sample

200701-kvahplqqmx
MD5

d5c5b23355fd928c660358f5ca0ae439
SHA1

87508a996eac3dae3ce463c7de2c3ee3b4812cc2
SHA256

178cf2e50182606e000719ee8b7caa9c620950155542d10de6dd7eb5a2a34d01
SHA512

e18bf114428037b3df3a62c76fdec73d2790c27e4ebc0beca8bda69e65c544aed7606917b21ac85af07a18575f3da4a3941695f517176668ba1dee1e368da430

Score

7^/10

discovery spyware

Malware Config

Targets

- Target
  
  d5c5b23355fd928c660358f5ca0ae439.exe
- Size
  
  312KB
- MD5
  
  d5c5b23355fd928c660358f5ca0ae439
- SHA1
  
  87508a996eac3dae3ce463c7de2c3ee3b4812cc2
- SHA256
  
  178cf2e50182606e000719ee8b7caa9c620950155542d10de6dd7eb5a2a34d01
- SHA512
  
  e18bf114428037b3df3a62c76fdec73d2790c27e4ebc0beca8bda69e65c544aed7606917b21ac85af07a18575f3da4a3941695f517176668ba1dee1e368da430
Score

7^/10

spyware discovery
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Checks for installed software on the system
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

spywarediscovery

behavioral2

discoveryspyware