ea315e9e65af9d1d95ac0636abde389107bb131f99e9eeac2dd16821be1ba888

Resubmissions

03-05-2022 13:27

220503-qp34xaabfj 8

26-04-2022 04:40

220426-fajfvabab3 8

Sharing

Copy URL

Twitter E-mail

General

Target

341d69cf4f5d9be493ebe9913f4150cf.exe
Size

1.1MB
Sample

220426-fajfvabab3
MD5

341d69cf4f5d9be493ebe9913f4150cf
SHA1

b043c610bf6b1fea68701910870d439501d8f832
SHA256

ea315e9e65af9d1d95ac0636abde389107bb131f99e9eeac2dd16821be1ba888
SHA512

50534e155760d2dde64e0737f90b63d35c1b0e3136007476d9e62b8eaf0bfb42225a57dc340c12e45a7346cdf56a857e403b4230d561b32991f1155f4d8294ab

Score

8^/10

Malware Config

Targets

- Target
  
  341d69cf4f5d9be493ebe9913f4150cf.exe
- Size
  
  1.1MB
- MD5
  
  341d69cf4f5d9be493ebe9913f4150cf
- SHA1
  
  b043c610bf6b1fea68701910870d439501d8f832
- SHA256
  
  ea315e9e65af9d1d95ac0636abde389107bb131f99e9eeac2dd16821be1ba888
- SHA512
  
  50534e155760d2dde64e0737f90b63d35c1b0e3136007476d9e62b8eaf0bfb42225a57dc340c12e45a7346cdf56a857e403b4230d561b32991f1155f4d8294ab
Score

8^/10

discovery collection spyware stealer
- Blocklisted process makes network request
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook accounts
  collection
- Accesses Microsoft Outlook profiles
  collection
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

T1081

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Email Collection

T1114

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Blocklisted process makes network request

Reads user/profile data of web browsers

Accesses Microsoft Outlook accounts

Accesses Microsoft Outlook profiles

Checks installed software on the system

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2