3aec9b933f1cb444270f6710618048c992db65e5382229ad3bf982fa63a88954 | Triage

Sharing

General

Target

3aec9b933f1cb444270f6710618048c992db65e5382229ad3bf982fa63a88954
Size

415KB
Sample

220929-p8th5sbhem
MD5

8d9e3abc3bd038d82076bc641b0aec49
SHA1

f7c6ee425a14cdc240617ae9e7ab7a749bfdc813
SHA256

3aec9b933f1cb444270f6710618048c992db65e5382229ad3bf982fa63a88954
SHA512

2372fcf1bc8480eb12a5918dfa9d970e55379c4882d0eee6f6d1a07cae0b39d1e0ca937bee31a8c9109c085089e1efd351bf0d210d161c17d15ec89279525049
SSDEEP

6144:svHD3dl7jG9rUmxIWazJhssBymgUWDyYG1n/uzbgwuO0QGqwVfgG:sfDNl7ja4zJJg7NG1/unnw+

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  3aec9b933f1cb444270f6710618048c992db65e5382229ad3bf982fa63a88954
- Size
  
  415KB
- MD5
  
  8d9e3abc3bd038d82076bc641b0aec49
- SHA1
  
  f7c6ee425a14cdc240617ae9e7ab7a749bfdc813
- SHA256
  
  3aec9b933f1cb444270f6710618048c992db65e5382229ad3bf982fa63a88954
- SHA512
  
  2372fcf1bc8480eb12a5918dfa9d970e55379c4882d0eee6f6d1a07cae0b39d1e0ca937bee31a8c9109c085089e1efd351bf0d210d161c17d15ec89279525049
- SSDEEP
  
  6144:svHD3dl7jG9rUmxIWazJhssBymgUWDyYG1n/uzbgwuO0QGqwVfgG:sfDNl7ja4zJJg7NG1/unnw+
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer