9d9afba0fc3a930a117b8905b4ee4821bb5e922794306aac084a1b1e51b0391a | Triage

Sharing

General

Target

9d9afba0fc3a930a117b8905b4ee4821bb5e922794306aac084a1b1e51b0391a.exe
Size

614KB
Sample

221011-hamjlsacb3
MD5

4ff1701c87bbe196868574a141261708
SHA1

c17fb32dac1680e324f4fde436281927aedb10d5
SHA256

9d9afba0fc3a930a117b8905b4ee4821bb5e922794306aac084a1b1e51b0391a
SHA512

84b3a01deac6822cc2656d78f44764652e7a08a74aa2aaad06dd8a6d4478d6a3324128e327698edb027ad1d05476e41f8d57db6c10a611927e44300f8e40e95b
SSDEEP

6144:+rZSYomWS//JmcZiWE58TR45SYomWS//JmcZiWE58TR4u:dYomWS//JmcE2YomWS//JmcE

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  9d9afba0fc3a930a117b8905b4ee4821bb5e922794306aac084a1b1e51b0391a.exe
- Size
  
  614KB
- MD5
  
  4ff1701c87bbe196868574a141261708
- SHA1
  
  c17fb32dac1680e324f4fde436281927aedb10d5
- SHA256
  
  9d9afba0fc3a930a117b8905b4ee4821bb5e922794306aac084a1b1e51b0391a
- SHA512
  
  84b3a01deac6822cc2656d78f44764652e7a08a74aa2aaad06dd8a6d4478d6a3324128e327698edb027ad1d05476e41f8d57db6c10a611927e44300f8e40e95b
- SSDEEP
  
  6144:+rZSYomWS//JmcZiWE58TR45SYomWS//JmcZiWE58TR4u:dYomWS//JmcE2YomWS//JmcE
Score

8^/10

spyware stealer
- Drops file in Drivers directory
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2