0596f3f5c6ad91b60a540a67dc2271c02b28f7cc14534df0ce67427b0e5ee66a | Triage

Sharing

General

Target

2020-01-08 114318.bin.zip
Size

193KB
Sample

200806-j9p4yd8p3j
MD5

aa146b66a7c920b4cb0689fb08591d5d
SHA1

a04ff758b104f6d9993e5af2661a39dc3cd11313
SHA256

0596f3f5c6ad91b60a540a67dc2271c02b28f7cc14534df0ce67427b0e5ee66a
SHA512

2733be1bb76e2795e25ccd0efa6441ff2425aa302697cc6789027c57cd55e53d752c2693c264d2289219f942d68deae98e35568ce6a75f08e8ef3b9e09e2515a

Score

7^/10

persistence spyware

Malware Config

Targets

- Target
  
  2020-01-08 114318.bin
- Size
  
  378KB
- MD5
  
  54c24db7a6b6186a5727042d7094c000
- SHA1
  
  c5b1d7d7ee1cfedf230dcf2106986afd1ab0eb06
- SHA256
  
  daccb68f01c806839d025c4d8ffda45357767e1dcc467d29f59cf64159176ab9
- SHA512
  
  7f842cfc37fbd35bf8337019170c8ba5119bf196190f07267a17be94d6d1699f027f17ba570d5c9fc10d5134a1b33c73ba88d7f1b867b29e66d91e10a84629f1
Score

7^/10

persistence spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespyware

behavioral2

persistencespyware