e941414e20c0f0916914915ae47b7e0fdd80fc992261a7d5b4c920986f400d1e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e941414e20c0f0916914915ae47b7e0fdd80fc992261a7d5b4c920986f400d1e
Size

855KB
Sample

221020-sr7k8abed9
MD5

4319e6ce3a8de98ee3144796bb321a10
SHA1

00d6d978d9faa46925fccb75c85b06164dc88799
SHA256

e941414e20c0f0916914915ae47b7e0fdd80fc992261a7d5b4c920986f400d1e
SHA512

394e74e7e51cca2e1bb1ed1863dddffe1338e35cfded2c267d33425f77c2e6314ff14d08a13d008144e626ce61207b7a74c2cb3ef1c9c6474f59cc9392517a21
SSDEEP

12288:JnXm/1LdWyZQaYppPDzSgcd2pGQwRPO+0XFD4mcJkWY:JnqdWF5qtdKXwRPOJ+mcJkD

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  e941414e20c0f0916914915ae47b7e0fdd80fc992261a7d5b4c920986f400d1e
- Size
  
  855KB
- MD5
  
  4319e6ce3a8de98ee3144796bb321a10
- SHA1
  
  00d6d978d9faa46925fccb75c85b06164dc88799
- SHA256
  
  e941414e20c0f0916914915ae47b7e0fdd80fc992261a7d5b4c920986f400d1e
- SHA512
  
  394e74e7e51cca2e1bb1ed1863dddffe1338e35cfded2c267d33425f77c2e6314ff14d08a13d008144e626ce61207b7a74c2cb3ef1c9c6474f59cc9392517a21
- SSDEEP
  
  12288:JnXm/1LdWyZQaYppPDzSgcd2pGQwRPO+0XFD4mcJkWY:JnqdWF5qtdKXwRPOJ+mcJkD
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2