1d1e2556db80e016199915d448a057fb0821a78b4af1723f4bb7923f01f8bede | Triage

Sharing

General

Target

tau111.zip
Size

230KB
Sample

201117-3adkja6s7s
MD5

8dd3f26b3bd7e9a4452e2bd334b9cf24
SHA1

ce94032cce23ae8094f80bb0e617f8e36806bc21
SHA256

1d1e2556db80e016199915d448a057fb0821a78b4af1723f4bb7923f01f8bede
SHA512

280bc678a6ad936abd647d254f8bb9c6bd91832dda3c3b97f734477f142beb4229b4462e384f49618083828aac76d97e2997047d1dcd8f47a5ac76ef47c0e992

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  tau111.exe
- Size
  
  415KB
- MD5
  
  e72c8df812ee00589597057b3bee1d1e
- SHA1
  
  31f682c804ec18fe64cbc1d78c5cc78da62b475c
- SHA256
  
  0225479715533333057d0bf8ccc230c08d3a097129a9615bd9f9a0cc46b74acb
- SHA512
  
  2c66eb756402aa11c2a542eaf34a82f58e7c463f061a60dd62a69cc050b1984318d0b4f7154afe94e1ad686f804104b532c957d2ae93dc8b96341adba1068040
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer