2c6e680456a5d80d6c230d34d82ba6a3ad5c9041bb75776e6385e0b182e3624a | Triage

Sharing

General

Target

tmp
Size

1.7MB
Sample

220521-jgzm7adhgq
MD5

46941fd0c90a281ad25d2d68737bcf8d
SHA1

22bcb0ff4bd0229d0eef4d13c194b5ad0bbe0fd3
SHA256

2c6e680456a5d80d6c230d34d82ba6a3ad5c9041bb75776e6385e0b182e3624a
SHA512

5bbe0a8b1b21116754ce411bd12c62b0edf1cbaa92c70368f61632bbada33b2a2ba419c25253e3b25f9a0f0750fe07b9a86a26e44f0947d278e1f794629d42be

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  tmp
- Size
  
  1.7MB
- MD5
  
  46941fd0c90a281ad25d2d68737bcf8d
- SHA1
  
  22bcb0ff4bd0229d0eef4d13c194b5ad0bbe0fd3
- SHA256
  
  2c6e680456a5d80d6c230d34d82ba6a3ad5c9041bb75776e6385e0b182e3624a
- SHA512
  
  5bbe0a8b1b21116754ce411bd12c62b0edf1cbaa92c70368f61632bbada33b2a2ba419c25253e3b25f9a0f0750fe07b9a86a26e44f0947d278e1f794629d42be
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer