da88d30253ac87e5a230bd33ff3e89b66b8c8634d7541208bc3d77dec3b5b04f | Triage

Submit
Reports

Overview

overview

Static

static

5

file222.exe

windows7_x64

7

file222.exe

windows10-2004_x64

Sharing

General

Target

da88d30253ac87e5a230bd33ff3e89b66b8c8634d7541208bc3d77dec3b5b04f
Size

971KB
Sample

220521-mnt8tscba4
MD5

05e36fe3e40fb7f3329c2183db1a6d9f
SHA1

402d9981038ff5500caebb74ecbb2f5bb97046ca
SHA256

da88d30253ac87e5a230bd33ff3e89b66b8c8634d7541208bc3d77dec3b5b04f
SHA512

30df2aa56998b35c4fc76de859ac071bdd8bea3587ad54f560473d460317d328099b6dceabc74c19850234516840b601273dbe14508f059052a66544bf58dda3

Score

10^/10

collection spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

file222.exe

Resource

win7-20220414-en

collection spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

file222.exe

Resource

win10v2004-20220414-en

collection spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
zstcznz.org
Port:
587
Username:
[email protected]
Password:
makonyo@2017

Targets

- Target
  
  file222.exe
- Size
  
  1.4MB
- MD5
  
  c9d56cb33b65cda35b2982afc41bc715
- SHA1
  
  b1e5ea66b740109e438142b0db1bab5eb474c30e
- SHA256
  
  69683827d1c627e34cd0c916bd53c3d1ab75c1bb48caa57543f1eaeb315f4f2d
- SHA512
  
  058b32cb57eab4d3eb7d1d6b778421f1f1513b46cae03aa3fc98f7f3c9c0a85a4f47a398f054b6366d70285836e795b2fafe04133e1927934e028f271446ac3d
Score

10^/10

collection spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

collectionspywarestealer

behavioral2

collectionspywarestealer

© 2018-2024

Terms | Privacy