560eea0aa70d13747bf2522b6a87b33bc59a8f63cf2a2b26024181f012c01bfb | Triage

Sharing

General

Target

a43b6b78eb285916fb4740e4e431e2333d3601850afd99f6ef0f279bdd14f683.bin.sample.gz
Size

231KB
Sample

201205-4by1fgffxn
MD5

6d055a61007e9c7bb04f90940cbe58e1
SHA1

df38e7043e8200cf12fa541a3293225f182da2fc
SHA256

560eea0aa70d13747bf2522b6a87b33bc59a8f63cf2a2b26024181f012c01bfb
SHA512

1426c6e8692a9b174b1a12fffde49819226454a3f284b234ed6f2a08f753a0e172f5ac7a83b4a4fba8eaf0cb5dd4a3f425f1fa82876b4ebb92e4e2d958ce8196

Score

7^/10

spyware

Malware Config

Targets

- Target
  
  sample
- Size
  
  231KB
- MD5
  
  b97ff4c24dfb2a65748501879b846bf8
- SHA1
  
  d1291797c89d92f574a34ae6e49f37f054273bab
- SHA256
  
  a43b6b78eb285916fb4740e4e431e2333d3601850afd99f6ef0f279bdd14f683
- SHA512
  
  fb70e9393dbf2a09594f35488350b110737fd0e42845d0ef9fc2a3ceb05589c2a546ac2574653eee5ed1952f9d1349dd8b6842c52453a54b3c172341dbeb1eff
Score

7^/10

spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2