908942a0607243b70ff999620a3caecd6b2b93dc26cd93903c6d6e070a30851a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

908942a0607243b70ff999620a3caecd6b2b93dc26cd93903c6d6e070a30851a
Size

103KB
Sample

221011-kwsc4afcan
MD5

41cd666ed61e5e400197ab099968bbd0
SHA1

2a4789815cc2a886a67f6b1b385d96ae679d2dbf
SHA256

908942a0607243b70ff999620a3caecd6b2b93dc26cd93903c6d6e070a30851a
SHA512

513415ea24de0c66256da432148d29440fd84ea24e6af937f9c2c7f8191395d825cf2c9fc5d9c2282c9e28e5224a3af1a2c0de4a5345ce239689180269b54a93
SSDEEP

1536:IhCZFcsifjE0SJIB/6pCypfoe6WH/vxUyVPA:IhHsio0tBGCzo5U6PA

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  908942a0607243b70ff999620a3caecd6b2b93dc26cd93903c6d6e070a30851a
- Size
  
  103KB
- MD5
  
  41cd666ed61e5e400197ab099968bbd0
- SHA1
  
  2a4789815cc2a886a67f6b1b385d96ae679d2dbf
- SHA256
  
  908942a0607243b70ff999620a3caecd6b2b93dc26cd93903c6d6e070a30851a
- SHA512
  
  513415ea24de0c66256da432148d29440fd84ea24e6af937f9c2c7f8191395d825cf2c9fc5d9c2282c9e28e5224a3af1a2c0de4a5345ce239689180269b54a93
- SSDEEP
  
  1536:IhCZFcsifjE0SJIB/6pCypfoe6WH/vxUyVPA:IhHsio0tBGCzo5U6PA
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2