f65ba83c6db3672614119dca0ea2b948100f2d984e642c674a84d9d3498481cf | Triage

Sharing

General

Target

f65ba83c6db3672614119dca0ea2b948100f2d984e642c674a84d9d3498481cf
Size

180KB
Sample

220824-1df54sccc8
MD5

6b4c224c16e852bdc7ed2001597cde9d
SHA1

70517a53551269d68b969a9328842cea2e1f975c
SHA256

f65ba83c6db3672614119dca0ea2b948100f2d984e642c674a84d9d3498481cf
SHA512

a383bc2ffbacd2f1b9b7863e8ea41ba83873edc2e2c42b74e180767e42cc2dd711109c657ab7b602492ad3962e89fb09c588efc564acae03303143b241b6dcf5
SSDEEP

3072:yscjOeJv94aM0WRtmJQd/osAyP9OHDxqTq2Mia0ZNfo+CnkuRux43v0VrO095TGn:ysVeB943AfykD67MitZt0ux4f0VrOBu8

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  f65ba83c6db3672614119dca0ea2b948100f2d984e642c674a84d9d3498481cf
- Size
  
  180KB
- MD5
  
  6b4c224c16e852bdc7ed2001597cde9d
- SHA1
  
  70517a53551269d68b969a9328842cea2e1f975c
- SHA256
  
  f65ba83c6db3672614119dca0ea2b948100f2d984e642c674a84d9d3498481cf
- SHA512
  
  a383bc2ffbacd2f1b9b7863e8ea41ba83873edc2e2c42b74e180767e42cc2dd711109c657ab7b602492ad3962e89fb09c588efc564acae03303143b241b6dcf5
- SSDEEP
  
  3072:yscjOeJv94aM0WRtmJQd/osAyP9OHDxqTq2Mia0ZNfo+CnkuRux43v0VrO095TGn:ysVeB943AfykD67MitZt0ux4f0VrOBu8
Score

8^/10

spyware stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2