ee82de494114997bd1eae2fc1bea99accb50b35d481ede92b3bcab640f35a2dd | Triage

Sharing

General

Target

ee82de494114997bd1eae2fc1bea99accb50b35d481ede92b3bcab640f35a2dd
Size

333KB
Sample

221107-g3pc8sedcn
MD5

0dfdb2aff1563d36baa793fa209f6fd0
SHA1

36536b8ec6e76cc125a9f7d44dccabeba7fd9c4b
SHA256

ee82de494114997bd1eae2fc1bea99accb50b35d481ede92b3bcab640f35a2dd
SHA512

c7c3aa0ba753d6f86374d2b0b1c6e8115896a82c1273aaf991061100a10ab9f014d6568ca118723e161a6ab4e344d862d00f248c069e0c908085be4375376d24
SSDEEP

6144:3LObkszAhheFdgIkYofIa8SQcPqIpwGGIQ9aM5BDhm0gVpXANRXds3zgbJ5u0rMz:7AzAY0BhqIxGIq9ywjdIzgN4iMpt

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  ee82de494114997bd1eae2fc1bea99accb50b35d481ede92b3bcab640f35a2dd
- Size
  
  333KB
- MD5
  
  0dfdb2aff1563d36baa793fa209f6fd0
- SHA1
  
  36536b8ec6e76cc125a9f7d44dccabeba7fd9c4b
- SHA256
  
  ee82de494114997bd1eae2fc1bea99accb50b35d481ede92b3bcab640f35a2dd
- SHA512
  
  c7c3aa0ba753d6f86374d2b0b1c6e8115896a82c1273aaf991061100a10ab9f014d6568ca118723e161a6ab4e344d862d00f248c069e0c908085be4375376d24
- SSDEEP
  
  6144:3LObkszAhheFdgIkYofIa8SQcPqIpwGGIQ9aM5BDhm0gVpXANRXds3zgbJ5u0rMz:7AzAY0BhqIxGIq9ywjdIzgN4iMpt
Score

8^/10

spyware stealer
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2