2fab3518fdcc817c501a089c7ab4e191e1e69c5dfaf8bab6430f897d7fbe3199 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fab3518fdcc817c501a089c7ab4e191e1e69c5dfaf8bab6430f897d7fbe3199
Size

5.6MB
Sample

221011-sprf8abfcl
MD5

80dea74a9e8fbb4a4f2b6681ba662269
SHA1

06de9468ee0b84a289bb326b9e291eda67a6920e
SHA256

2fab3518fdcc817c501a089c7ab4e191e1e69c5dfaf8bab6430f897d7fbe3199
SHA512

f5f04c65d1647319d492750dd1501a198d3839892d503ab8d19daca33513a198afde3aa9a222fc5c7021d11a6f8e30a56424d20852eccdec5b18b42491198b0b
SSDEEP

49152:RIEXLFe6iRyhJ3jkqQVSfWVXqASv1x1dKO/5t7WGiocfGJDcjQcy20RHrzKgi1ao:RIEmSjL+EnHOMz5ysZA5+bf6c

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2fab3518fdcc817c501a089c7ab4e191e1e69c5dfaf8bab6430f897d7fbe3199
- Size
  
  5.6MB
- MD5
  
  80dea74a9e8fbb4a4f2b6681ba662269
- SHA1
  
  06de9468ee0b84a289bb326b9e291eda67a6920e
- SHA256
  
  2fab3518fdcc817c501a089c7ab4e191e1e69c5dfaf8bab6430f897d7fbe3199
- SHA512
  
  f5f04c65d1647319d492750dd1501a198d3839892d503ab8d19daca33513a198afde3aa9a222fc5c7021d11a6f8e30a56424d20852eccdec5b18b42491198b0b
- SSDEEP
  
  49152:RIEXLFe6iRyhJ3jkqQVSfWVXqASv1x1dKO/5t7WGiocfGJDcjQcy20RHrzKgi1ao:RIEmSjL+EnHOMz5ysZA5+bf6c
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1