fed335ef41eea6c9b1971ab793fd17e9cfb4d8088f16ed23d0c7ec93819fcaac | Triage

Sharing

General

Target

fed335ef41eea6c9b1971ab793fd17e9cfb4d8088f16ed23d0c7ec93819fcaac.bin
Size

170KB
Sample

220922-plcbcabec6
MD5

17b33758e1e3c5296a471ac642387952
SHA1

0a545bf13d741f8089c0e3df98153d4b5f1a6f9c
SHA256

fed335ef41eea6c9b1971ab793fd17e9cfb4d8088f16ed23d0c7ec93819fcaac
SHA512

b3e0294481b9ee338a6300649db8eaba7317711f1585c062ca63015c9b375c79855f4e90c1779067b878492c8af65b18f655d0dee166460381b70b0ebc88bfef
SSDEEP

3072:wnlM2wgIwb+YRYWoegZfR7xMslGj5MZMI674NE74jSNew:wnyzgI8+y4r7xMslGj5MZMI674NE74jE

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  fed335ef41eea6c9b1971ab793fd17e9cfb4d8088f16ed23d0c7ec93819fcaac.bin
- Size
  
  170KB
- MD5
  
  17b33758e1e3c5296a471ac642387952
- SHA1
  
  0a545bf13d741f8089c0e3df98153d4b5f1a6f9c
- SHA256
  
  fed335ef41eea6c9b1971ab793fd17e9cfb4d8088f16ed23d0c7ec93819fcaac
- SHA512
  
  b3e0294481b9ee338a6300649db8eaba7317711f1585c062ca63015c9b375c79855f4e90c1779067b878492c8af65b18f655d0dee166460381b70b0ebc88bfef
- SSDEEP
  
  3072:wnlM2wgIwb+YRYWoegZfR7xMslGj5MZMI674NE74jSNew:wnyzgI8+y4r7xMslGj5MZMI674NE74jE
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2