cd1bb0b84729b272e28a48cdfc22ef1f2577e4a1779a9fe871e54cf71707ded8 | Triage

Sharing

General

Target

Quax0r.exe
Size

16KB
Sample

220601-k42xhabcfn
MD5

779b96f25a5c23fb88062503290e69ce
SHA1

1d3b85c38418d296ced87fb7155e40aad8cb0773
SHA256

cd1bb0b84729b272e28a48cdfc22ef1f2577e4a1779a9fe871e54cf71707ded8
SHA512

7ac94fb7d832302f0aba124f41e168d00e1b3567ff88b7938c25cfb4dd72539e80b56862abf65be99f800d2dec034dbab56be3d5021175a314beee65def9ce3a

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Quax0r.exe
- Size
  
  16KB
- MD5
  
  779b96f25a5c23fb88062503290e69ce
- SHA1
  
  1d3b85c38418d296ced87fb7155e40aad8cb0773
- SHA256
  
  cd1bb0b84729b272e28a48cdfc22ef1f2577e4a1779a9fe871e54cf71707ded8
- SHA512
  
  7ac94fb7d832302f0aba124f41e168d00e1b3567ff88b7938c25cfb4dd72539e80b56862abf65be99f800d2dec034dbab56be3d5021175a314beee65def9ce3a
Score

7^/10

spyware stealer
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2