6b557a5f9a0683b91f9eec63b5a3958e805ee5eeb8017a8194d2104210511b3c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b557a5f9a0683b91f9eec63b5a3958e805ee5eeb8017a8194d2104210511b3c
Size

57KB
Sample

221029-nl8twaegcl
MD5

d5f83fc587e2fbc29f37d12c4b44bb93
SHA1

dca9f06edd088f151f8c4c5edfb379152f884227
SHA256

6b557a5f9a0683b91f9eec63b5a3958e805ee5eeb8017a8194d2104210511b3c
SHA512

f22df4091532107b5f6747740229788c6572791a3934b681166db1db49158366a55b3d20e4b195724cb256f01160b7187ce30ddb13390dc2c559588dc8152aa2
SSDEEP

1536:5HaTWWSsD501q8SKLhojlXYf2hrMkM0P9Ngf:RcsSKLhojlXYf2RHP96f

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  6b557a5f9a0683b91f9eec63b5a3958e805ee5eeb8017a8194d2104210511b3c
- Size
  
  57KB
- MD5
  
  d5f83fc587e2fbc29f37d12c4b44bb93
- SHA1
  
  dca9f06edd088f151f8c4c5edfb379152f884227
- SHA256
  
  6b557a5f9a0683b91f9eec63b5a3958e805ee5eeb8017a8194d2104210511b3c
- SHA512
  
  f22df4091532107b5f6747740229788c6572791a3934b681166db1db49158366a55b3d20e4b195724cb256f01160b7187ce30ddb13390dc2c559588dc8152aa2
- SSDEEP
  
  1536:5HaTWWSsD501q8SKLhojlXYf2hrMkM0P9Ngf:RcsSKLhojlXYf2RHP96f
Score

7^/10

spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2