cac7d686190b1900c994ce2d108fe2c32c7942dad970a4dc42faede5dd8de06d | Triage

Sharing

General

Target

cac7d686190b1900c994ce2d108fe2c32c7942dad970a4dc42faede5dd8de06d
Size

415KB
Sample

220521-lhck6aefbk
MD5

bf73f442c3e29f2c6bd424c1ab1a8ce7
SHA1

96d28702a74faba27639f381a3ae27150d8277e8
SHA256

cac7d686190b1900c994ce2d108fe2c32c7942dad970a4dc42faede5dd8de06d
SHA512

9a1a8e6235b42faa6b8edd8020ec276b171cbc5ed7441b5ace0d25071c00881c35d4ff23b66c44ec5ac71fac49d36dc9c01add9330aabcb75b46bd554926ad2e

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  cac7d686190b1900c994ce2d108fe2c32c7942dad970a4dc42faede5dd8de06d
- Size
  
  415KB
- MD5
  
  bf73f442c3e29f2c6bd424c1ab1a8ce7
- SHA1
  
  96d28702a74faba27639f381a3ae27150d8277e8
- SHA256
  
  cac7d686190b1900c994ce2d108fe2c32c7942dad970a4dc42faede5dd8de06d
- SHA512
  
  9a1a8e6235b42faa6b8edd8020ec276b171cbc5ed7441b5ace0d25071c00881c35d4ff23b66c44ec5ac71fac49d36dc9c01add9330aabcb75b46bd554926ad2e
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer