023fb24e4591fcbbff6096a61e7cbfb79bc1bade9236dd0db6ede7ab1e00bf9f | Triage

Resubmissions

27/02/2024, 01:36

240227-b1mtqsdg2v 10

10/10/2020, 04:17

201010-bxlhq7f792 7

Sharing

General

Target

ac.exe
Size

396KB
Sample

201010-bxlhq7f792
MD5

5cddc68460463a32782f94c595dea500
SHA1

786ad838dfbea097f192727d90bc899073ae3260
SHA256

023fb24e4591fcbbff6096a61e7cbfb79bc1bade9236dd0db6ede7ab1e00bf9f
SHA512

e8828d612037a5baf32fa6576cacea2b3c02c5618d7f750e86d4d73aec81a0d93989f754c8f2fa63bb2275f12ff4d740ef4c26db3882ada4f2ab1e5964700715

Score

7^/10

spyware

Malware Config

Targets

- Target
  
  ac.exe
- Size
  
  396KB
- MD5
  
  5cddc68460463a32782f94c595dea500
- SHA1
  
  786ad838dfbea097f192727d90bc899073ae3260
- SHA256
  
  023fb24e4591fcbbff6096a61e7cbfb79bc1bade9236dd0db6ede7ab1e00bf9f
- SHA512
  
  e8828d612037a5baf32fa6576cacea2b3c02c5618d7f750e86d4d73aec81a0d93989f754c8f2fa63bb2275f12ff4d740ef4c26db3882ada4f2ab1e5964700715
Score

7^/10

spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2