fc3bffb975ba99e23a17be13ebdbfaddfbc1f323cdeeb863d2cbfb2f59d0ea0e | Triage

Sharing

General

Target

fc3bffb975ba99e23a17be13ebdbfaddfbc1f323cdeeb863d2cbfb2f59d0ea0e
Size

461KB
Sample

210915-jt29vaabd4
MD5

cc8487c7ed793e54f583f4bf6ed37ff4
SHA1

4c8093252e5064c7c853d14c645992f07349f70d
SHA256

fc3bffb975ba99e23a17be13ebdbfaddfbc1f323cdeeb863d2cbfb2f59d0ea0e
SHA512

e2e2b528f32a025075d2af6dbf38d5f74bcf4b6919dbf7e231a8e525c4ecc90526bc3dc61a1db09cc7267c8764292d8c9f21e74b53d15894328f0958666a1233

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  fc3bffb975ba99e23a17be13ebdbfaddfbc1f323cdeeb863d2cbfb2f59d0ea0e
- Size
  
  461KB
- MD5
  
  cc8487c7ed793e54f583f4bf6ed37ff4
- SHA1
  
  4c8093252e5064c7c853d14c645992f07349f70d
- SHA256
  
  fc3bffb975ba99e23a17be13ebdbfaddfbc1f323cdeeb863d2cbfb2f59d0ea0e
- SHA512
  
  e2e2b528f32a025075d2af6dbf38d5f74bcf4b6919dbf7e231a8e525c4ecc90526bc3dc61a1db09cc7267c8764292d8c9f21e74b53d15894328f0958666a1233
Score

8^/10

discovery spyware stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer