b372d01ef225928d8233fd12ec263ad8a32e5c07f7fa89be0ac904d2b82924f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Ace-s-Roblox-Limited-Sniper-main.zip
Size

30KB
Sample

220924-2jb9saccg7
MD5

36086ea464ced06e0ec72285c0daadea
SHA1

d3c2ccf0c9c2b82759e5de770279ff118b808856
SHA256

b372d01ef225928d8233fd12ec263ad8a32e5c07f7fa89be0ac904d2b82924f5
SHA512

fa38b19cf0068b6b2f2ba0dfcd36e4f1f17c7b14978d254efe006a2bc1e1eea50d5d89b6bc04231f03e74a84f97fc7744d5b5b1731838cdadb55368bfe15a50a
SSDEEP

768:q6JtQIrogIzFapad2F9SCjoQzK9QW5D7RYxI0CU:q6J284w9SCul7RGCU

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  Ace-s-Roblox-Limited-Sniper-main/AceLimitedSniperV4.exe
- Size
  
  78KB
- MD5
  
  4c32aa2a5ca63331e96759a756baf9f5
- SHA1
  
  05f562be8f151477ec4f5870465415fbd04ef440
- SHA256
  
  39d19f9e610fb1bca642fbf2259e520866604cff6e8ef558a55a75bdc6d6304b
- SHA512
  
  1f69c185b754b3f250381bc7823e498d5c6db9b7b155d758ece061dc8dbc947980cf6e0cacbfe417635c149f472bf7048780973ce3a32e792cea7c045b5f5b22
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+sPIC:5Zv5PDwbjNrmAE+AIC
Score

8^/10

spyware stealer
- Downloads MZ/PE file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Web Service

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2