598a232d5c90db3c828c02ddfd8156c48d6b500aea421f19dedaaed58854dd38 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

598a232d5c90db3c828c02ddfd8156c48d6b500aea421f19dedaaed58854dd38
Size

370KB
Sample

221027-ra56dscddl
MD5

c9963634ccf5519a7a3c58e6abe1c547
SHA1

2cff644f290cacc87673cfe142e092f431210191
SHA256

598a232d5c90db3c828c02ddfd8156c48d6b500aea421f19dedaaed58854dd38
SHA512

c90480b67bdb52e9c9eab36a9ccacb643a71624c6d1fa745b57f329bdbe47658f3363eb2371e8d690b9cb1eeb7ca5a9365b6380a2d27d40b5ecbdaf3ac4f4bc8
SSDEEP

6144:LIpSa7TtdrcTlDNFOykbkNzHiFvA7PRhZ+iFXRKrBcaFKkuudN0U:L4Sa7TtdrQpF4be6ALrFhvN

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  598a232d5c90db3c828c02ddfd8156c48d6b500aea421f19dedaaed58854dd38
- Size
  
  370KB
- MD5
  
  c9963634ccf5519a7a3c58e6abe1c547
- SHA1
  
  2cff644f290cacc87673cfe142e092f431210191
- SHA256
  
  598a232d5c90db3c828c02ddfd8156c48d6b500aea421f19dedaaed58854dd38
- SHA512
  
  c90480b67bdb52e9c9eab36a9ccacb643a71624c6d1fa745b57f329bdbe47658f3363eb2371e8d690b9cb1eeb7ca5a9365b6380a2d27d40b5ecbdaf3ac4f4bc8
- SSDEEP
  
  6144:LIpSa7TtdrcTlDNFOykbkNzHiFvA7PRhZ+iFXRKrBcaFKkuudN0U:L4Sa7TtdrQpF4be6ALrFhvN
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer