7786483b897971c243102c6203d0f19608524cba52136ae5fa71803e74d55825 | Triage

Resubmissions

25/10/2022, 10:40

221025-mqq9yscdb9 8

17/09/2020, 10:45

200917-swwyjv2gme 8

Sharing

General

Target

main.exe
Size

2.6MB
Sample

221025-mqq9yscdb9
MD5

8f616ddebbce71e29951a6e9472f2ea6
SHA1

0394adee22cc087a07b5f661eeb008fb4083163a
SHA256

7786483b897971c243102c6203d0f19608524cba52136ae5fa71803e74d55825
SHA512

474ab5d0d7d80b0a546e3131b42cb5f8f3d00d54b2d5afbff825e6f0374793c015db44e31b9ec28c8a125f8ab4c9407879bac61051c4dfd195eabcc9f58e9240
SSDEEP

24576:NfHnn+7gOrg1ymLqZi9dCof5gjPSJuqaOoNJAXXWLfwuL5E9gwaSw2u3wXIdq6Q9:N/n+7PIyJ09gU0zNJdbwuL5SgXSwAI

Score

8^/10

ransomware spyware stealer

Malware Config

Targets

- Target
  
  main.exe
- Size
  
  2.6MB
- MD5
  
  8f616ddebbce71e29951a6e9472f2ea6
- SHA1
  
  0394adee22cc087a07b5f661eeb008fb4083163a
- SHA256
  
  7786483b897971c243102c6203d0f19608524cba52136ae5fa71803e74d55825
- SHA512
  
  474ab5d0d7d80b0a546e3131b42cb5f8f3d00d54b2d5afbff825e6f0374793c015db44e31b9ec28c8a125f8ab4c9407879bac61051c4dfd195eabcc9f58e9240
- SSDEEP
  
  24576:NfHnn+7gOrg1ymLqZi9dCof5gjPSJuqaOoNJAXXWLfwuL5E9gwaSw2u3wXIdq6Q9:N/n+7PIyJ09gU0zNJdbwuL5SgXSwAI
Score

8^/10

ransomware spyware stealer
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ransomwarespywarestealer