6ea0f0bd75c37b5217a25f56d31821735feded4b6ad6141fdcce84a7e91c8e89 | Triage

Sharing

General

Target

6ea0f0bd75c37b5217a25f56d31821735feded4b6ad6141fdcce84a7e91c8e89
Size

294KB
Sample

210417-brtkpa7rpe
MD5

2099910ba6417aaf84a759d4982e90e6
SHA1

eced7b6852bd70e50ca8570132d3ed9062ee63de
SHA256

6ea0f0bd75c37b5217a25f56d31821735feded4b6ad6141fdcce84a7e91c8e89
SHA512

a2c7da5bf383b3e382af35caa20a04799f21c28a2e2e5456761f9e58d87e0b5630b3a574fd80dadba477857a7d5f361d21b42d46dda91476170bd36252ed881b

Score

10^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  6ea0f0bd75c37b5217a25f56d31821735feded4b6ad6141fdcce84a7e91c8e89
- Size
  
  294KB
- MD5
  
  2099910ba6417aaf84a759d4982e90e6
- SHA1
  
  eced7b6852bd70e50ca8570132d3ed9062ee63de
- SHA256
  
  6ea0f0bd75c37b5217a25f56d31821735feded4b6ad6141fdcce84a7e91c8e89
- SHA512
  
  a2c7da5bf383b3e382af35caa20a04799f21c28a2e2e5456761f9e58d87e0b5630b3a574fd80dadba477857a7d5f361d21b42d46dda91476170bd36252ed881b
Score

10^/10

persistence spyware stealer
- Modifies system executable filetype association
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer