9d26f41cbfdec5742cc3d19e1891f790e14cbc1767e82973de60205eb22f246d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9d26f41cbfdec5742cc3d19e1891f790e14cbc1767e82973de60205eb22f246d
Size

691KB
Sample

221030-vf9ybabghp
MD5

820d126597de44a648200189f8178e90
SHA1

b56132c1a1df7c66d008cd3a248379711748fcd7
SHA256

9d26f41cbfdec5742cc3d19e1891f790e14cbc1767e82973de60205eb22f246d
SHA512

3aa02601e6adf58fe198b7afe6f59e57dc5f98c3adb3d853d013e3305eb09f7b41f6777771eaaf9006b679dfcf66d353fa1467c6f1150e7dbfa1d01c9b0dc9df
SSDEEP

12288:ZhdqCKEWbZnnQ4mL3+arX9dnbGThM04Pdo2/4zgcP1k84ZDc:Zn6ZnQL+Gb8Xtg4zgS1k84+

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  9d26f41cbfdec5742cc3d19e1891f790e14cbc1767e82973de60205eb22f246d
- Size
  
  691KB
- MD5
  
  820d126597de44a648200189f8178e90
- SHA1
  
  b56132c1a1df7c66d008cd3a248379711748fcd7
- SHA256
  
  9d26f41cbfdec5742cc3d19e1891f790e14cbc1767e82973de60205eb22f246d
- SHA512
  
  3aa02601e6adf58fe198b7afe6f59e57dc5f98c3adb3d853d013e3305eb09f7b41f6777771eaaf9006b679dfcf66d353fa1467c6f1150e7dbfa1d01c9b0dc9df
- SSDEEP
  
  12288:ZhdqCKEWbZnnQ4mL3+arX9dnbGThM04Pdo2/4zgcP1k84ZDc:Zn6ZnQL+Gb8Xtg4zgS1k84+
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer