64747cd911d20ca2b0702cbacdea86ee93d3448a6e4542b25df294d7c1c85cbe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64747cd911d20ca2b0702cbacdea86ee93d3448a6e4542b25df294d7c1c85cbe
Size

52KB
Sample

221003-rt3jlsbad2
MD5

68ff8af728487f9988abc28f60171360
SHA1

0da6334e03c7e7689c74c89c4bf4edee4b2d5291
SHA256

64747cd911d20ca2b0702cbacdea86ee93d3448a6e4542b25df294d7c1c85cbe
SHA512

41736913d0163e70a05d6a321d338d2e3205abf14f5f73a36b78686f4f80c1f71a8e8df243e7276933f1a9980ab7ab6521fdd8f9d1fb15230f2000623ceadecb
SSDEEP

768:ujjYmM5rGqLABbveErTzr/Zahzie9lUZqf9whouE9hO7T:cjYmQeVEhjjfOhcDO7T

Score

10^/10

spyware stealer

Malware Config

Extracted

Credentials

Protocol: ftp
Host:
185.28.20.94
Port:
21
Username:
u318050805
Password:
1092387456ke

Targets

- Target
  
  64747cd911d20ca2b0702cbacdea86ee93d3448a6e4542b25df294d7c1c85cbe
- Size
  
  52KB
- MD5
  
  68ff8af728487f9988abc28f60171360
- SHA1
  
  0da6334e03c7e7689c74c89c4bf4edee4b2d5291
- SHA256
  
  64747cd911d20ca2b0702cbacdea86ee93d3448a6e4542b25df294d7c1c85cbe
- SHA512
  
  41736913d0163e70a05d6a321d338d2e3205abf14f5f73a36b78686f4f80c1f71a8e8df243e7276933f1a9980ab7ab6521fdd8f9d1fb15230f2000623ceadecb
- SSDEEP
  
  768:ujjYmM5rGqLABbveErTzr/Zahzie9lUZqf9whouE9hO7T:cjYmQeVEhjjfOhcDO7T
Score

10^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2