6a0dcfb5fdc2d10667bf63af0c9a64411e897d2efa00b3a652223d32dce3eaa0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a0dcfb5fdc2d10667bf63af0c9a64411e897d2efa00b3a652223d32dce3eaa0
Size

114KB
Sample

221030-11w5vadfaq
MD5

a1a5e0efe65eecf3c91cce628e3268d0
SHA1

fddd0550f685eddf07dd0aa304d7a28b0c6b7c3d
SHA256

6a0dcfb5fdc2d10667bf63af0c9a64411e897d2efa00b3a652223d32dce3eaa0
SHA512

f3aa6c3172cc8225f9203030692c457b20b954d932f980e328cd5234d44fc201cccad1e2becb84417956e4bca6e177cbd1c5f1332db6232d9db36acdad041281
SSDEEP

1536:N/1ijKcLVGu4+pFemub0bnOWVoEJm/OQVJkLAnHvZenoH8:l1iHnFeXb05iEJmdVJkoHheoH

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  6a0dcfb5fdc2d10667bf63af0c9a64411e897d2efa00b3a652223d32dce3eaa0
- Size
  
  114KB
- MD5
  
  a1a5e0efe65eecf3c91cce628e3268d0
- SHA1
  
  fddd0550f685eddf07dd0aa304d7a28b0c6b7c3d
- SHA256
  
  6a0dcfb5fdc2d10667bf63af0c9a64411e897d2efa00b3a652223d32dce3eaa0
- SHA512
  
  f3aa6c3172cc8225f9203030692c457b20b954d932f980e328cd5234d44fc201cccad1e2becb84417956e4bca6e177cbd1c5f1332db6232d9db36acdad041281
- SSDEEP
  
  1536:N/1ijKcLVGu4+pFemub0bnOWVoEJm/OQVJkLAnHvZenoH8:l1iHnFeXb05iEJmdVJkoHheoH
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2