https://share.dmca.gripe/kLeYSMWOJgCHh3DR.rar

Sample

201122-k975ptaare

Score

8 ^/10

Target

https://share.dmca.gripe/kLeYSMWOJgCHh3DR.rar

Score

8 ^/10

Signatures

Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers

Description

Infostealers often target stored browser data, which can include saved credentials etc.

Tags

spyware

TTPs

Data from Local System Credentials in Files
Checks installed software on the system

Description

Looks up Uninstall key entries in the registry to enumerate software on the system.

Tags

discovery

TTPs

Query Registry
Drops Chrome extension
Drops desktop.ini file(s)
JavaScript code in executable

Related Tasks

behavioral1

Collection

Data from Local System

Command and Control

Credential Access

Credentials in Files

Defense Evasion

Modify Registry

Discovery

Query Registry

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

urlscan1

behavioral1

discovery spyware

8^/10

Tags

Signatures

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

Description

Tags

TTPs

Checks installed software on the system

Description

Tags

TTPs

Drops Chrome extension

Drops desktop.ini file(s)

JavaScript code in executable

Related Tasks

static1

urlscan1

behavioral1