812804c3d424a60f3f24eb743ca555d9e022436e139bab8cc6f2ceb3382a0b80 | Triage

Sharing

General

Target

812804c3d424a60f3f24eb743ca555d9e022436e139bab8cc6f2ceb3382a0b80
Size

213KB
Sample

210513-42rbfpg4we
MD5

b9a51b09291f4b33c6301070e9ab8360
SHA1

4c493b8a46f9ded53cb7b8e2edc80eb4db0928ae
SHA256

812804c3d424a60f3f24eb743ca555d9e022436e139bab8cc6f2ceb3382a0b80
SHA512

f3a468a8983c40762e1ffa1560d36605bfe94b63e53e4241baa4c575a220acd7be21d90266407df0e46f08eaf6f0a6a8bf7abecf1d3afca480ce6bc6cd44239f

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  812804c3d424a60f3f24eb743ca555d9e022436e139bab8cc6f2ceb3382a0b80
- Size
  
  213KB
- MD5
  
  b9a51b09291f4b33c6301070e9ab8360
- SHA1
  
  4c493b8a46f9ded53cb7b8e2edc80eb4db0928ae
- SHA256
  
  812804c3d424a60f3f24eb743ca555d9e022436e139bab8cc6f2ceb3382a0b80
- SHA512
  
  f3a468a8983c40762e1ffa1560d36605bfe94b63e53e4241baa4c575a220acd7be21d90266407df0e46f08eaf6f0a6a8bf7abecf1d3afca480ce6bc6cd44239f
Score

8^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2