f3dea280e2532fe703f90b12ad0865ec6145f9702dd34ace339c45cbf774d2f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f3dea280e2532fe703f90b12ad0865ec6145f9702dd34ace339c45cbf774d2f0
Size

116KB
Sample

221106-f4rdjseba4
MD5

1074c00fdc74bb7d460cd743f2cc8a44
SHA1

68e1c7ab241e1ca6e2ca13482ac3f3cc70aa7172
SHA256

f3dea280e2532fe703f90b12ad0865ec6145f9702dd34ace339c45cbf774d2f0
SHA512

94c05608cdfcc2a2811a45e56a9fcaf6b78a0f026ea84da657718a22bc46ff8a85674b027ea0c2af3e1e121196c93196e16e6425e784951313d906de41949e3a
SSDEEP

3072:fqHgsV33xMEMBp7KxjKCvruR7Kr2+n+KAcKAb+l1iju:ugoC3pGvruwrNYN

Score

10^/10

persistence spyware stealer upx

Malware Config

Targets

- Target
  
  f3dea280e2532fe703f90b12ad0865ec6145f9702dd34ace339c45cbf774d2f0
- Size
  
  116KB
- MD5
  
  1074c00fdc74bb7d460cd743f2cc8a44
- SHA1
  
  68e1c7ab241e1ca6e2ca13482ac3f3cc70aa7172
- SHA256
  
  f3dea280e2532fe703f90b12ad0865ec6145f9702dd34ace339c45cbf774d2f0
- SHA512
  
  94c05608cdfcc2a2811a45e56a9fcaf6b78a0f026ea84da657718a22bc46ff8a85674b027ea0c2af3e1e121196c93196e16e6425e784951313d906de41949e3a
- SSDEEP
  
  3072:fqHgsV33xMEMBp7KxjKCvruR7Kr2+n+KAcKAb+l1iju:ugoC3pGvruwrNYN
Score

10^/10

persistence spyware stealer upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealerupx

behavioral2