9d0cab50bb6f1900fe4a4071d2d69f7d1660889bbefc490215529b41764b610f | Triage

Sharing

General

Target

9d0cab50bb6f1900fe4a4071d2d69f7d1660889bbefc490215529b41764b610f
Size

833KB
Sample

221001-2ckycaaaf6
MD5

71a05d4bbfeb44b8119932f06f747e2b
SHA1

547c3220e9f821180da97c272f6934a2dbf32467
SHA256

9d0cab50bb6f1900fe4a4071d2d69f7d1660889bbefc490215529b41764b610f
SHA512

46c8373f5a86315ae25753042f3cebd1e4fa02c15aaca7d46fcbcd1742aa3f6b60e0729cd20e47cdf98c0c041f61855ac7f18c81940b3c7f4866f34842257c11
SSDEEP

24576:WGrf7tHd3I3qUTutHHy0iaq9g15h6FtY0:WGrJAqu+7Iu1HK

Score

8^/10

discovery persistence spyware stealer upx

Malware Config

Targets

- Target
  
  9d0cab50bb6f1900fe4a4071d2d69f7d1660889bbefc490215529b41764b610f
- Size
  
  833KB
- MD5
  
  71a05d4bbfeb44b8119932f06f747e2b
- SHA1
  
  547c3220e9f821180da97c272f6934a2dbf32467
- SHA256
  
  9d0cab50bb6f1900fe4a4071d2d69f7d1660889bbefc490215529b41764b610f
- SHA512
  
  46c8373f5a86315ae25753042f3cebd1e4fa02c15aaca7d46fcbcd1742aa3f6b60e0729cd20e47cdf98c0c041f61855ac7f18c81940b3c7f4866f34842257c11
- SSDEEP
  
  24576:WGrf7tHd3I3qUTutHHy0iaq9g15h6FtY0:WGrJAqu+7Iu1HK
Score

8^/10

discovery persistence spyware stealer upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistencespywarestealerupx

behavioral2