1a537f30ab47f00b70f867ff3864c2c7ab30224ce2d443f23474054f31463567 | Triage

Sharing

General

Target

1a537f30ab47f00b70f867ff3864c2c7ab30224ce2d443f23474054f31463567
Size

1.0MB
Sample

220608-d69a2abdh2
MD5

b38094dd1906ba24beb97ec7055b21b1
SHA1

6aabc056817369549cb8c0c857395aa3ec6530ed
SHA256

1a537f30ab47f00b70f867ff3864c2c7ab30224ce2d443f23474054f31463567
SHA512

54a1347d8e63e54ed6781323384a22d16a3cf5cac1e477508ac7b59cee12b6642b2cfbdab46d2bb9cbc898af6e7149214a9564dcb2e694e8d3d94e3e3c18119b

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  1a537f30ab47f00b70f867ff3864c2c7ab30224ce2d443f23474054f31463567
- Size
  
  1.0MB
- MD5
  
  b38094dd1906ba24beb97ec7055b21b1
- SHA1
  
  6aabc056817369549cb8c0c857395aa3ec6530ed
- SHA256
  
  1a537f30ab47f00b70f867ff3864c2c7ab30224ce2d443f23474054f31463567
- SHA512
  
  54a1347d8e63e54ed6781323384a22d16a3cf5cac1e477508ac7b59cee12b6642b2cfbdab46d2bb9cbc898af6e7149214a9564dcb2e694e8d3d94e3e3c18119b
Score

8^/10

spyware stealer
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2