17f25061b61d7c5e13507beab2a204052ab94dbaedc20ef4aa7950b720dcc7f6 | Triage

Sharing

General

Target

17f25061b61d7c5e13507beab2a204052ab94dbaedc20ef4aa7950b720dcc7f6
Size

713KB
Sample

221004-jl8fwsacbp
MD5

3ea740325d1888e839b7b476ac71b744
SHA1

f4108c5f5d0f0cd339e43f92c2a7d526069d4a94
SHA256

17f25061b61d7c5e13507beab2a204052ab94dbaedc20ef4aa7950b720dcc7f6
SHA512

2d27964eaff627d3dd8450eff3565a7b25981cc5c89e1564b5a388a2e46cd0207204f6371f17c3c991e00309595077598dd4abaaaa5da6bd07f0f6975b74d11c
SSDEEP

12288:w/XM4DShe9EcHPLrLZ5AICgkTP3/2raBGe+RLSQyXVgPqzHKjUVmjwX:cM4DSs9FvzAICgkT2raBGZhWFyq2cmjO

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  17f25061b61d7c5e13507beab2a204052ab94dbaedc20ef4aa7950b720dcc7f6
- Size
  
  713KB
- MD5
  
  3ea740325d1888e839b7b476ac71b744
- SHA1
  
  f4108c5f5d0f0cd339e43f92c2a7d526069d4a94
- SHA256
  
  17f25061b61d7c5e13507beab2a204052ab94dbaedc20ef4aa7950b720dcc7f6
- SHA512
  
  2d27964eaff627d3dd8450eff3565a7b25981cc5c89e1564b5a388a2e46cd0207204f6371f17c3c991e00309595077598dd4abaaaa5da6bd07f0f6975b74d11c
- SSDEEP
  
  12288:w/XM4DShe9EcHPLrLZ5AICgkTP3/2raBGe+RLSQyXVgPqzHKjUVmjwX:cM4DSs9FvzAICgkT2raBGZhWFyq2cmjO
Score

7^/10

spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2