fa3ccc50f62a8982c14010b63edf30c903d4db47f04891c6e466a70ada17cfe7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa3ccc50f62a8982c14010b63edf30c903d4db47f04891c6e466a70ada17cfe7
Size

164KB
Sample

221107-ya3htsedf2
MD5

0f5a1204375836b9d629b7037182188f
SHA1

5cae7a30b31a1bb970493037bbd4f6b313cbc95e
SHA256

fa3ccc50f62a8982c14010b63edf30c903d4db47f04891c6e466a70ada17cfe7
SHA512

53b8d68e54a0f5a2c2040dd70ac4870b55cee63168bf18c4cc3958d8fb3a724a6abab10ca2f8a173275ef4f475461c383b3399c28b6ea602b6b89619a22247d0
SSDEEP

3072:ad+f7iktHPS9XPu9UGbOEVFW5D5QCEGVNUF9koY2RTjLuR+dh3g2XLx:R2ktvePuO3yQ+wVoTjS+dS2X

Score

8^/10

persistence spyware stealer upx

Malware Config

Targets

- Target
  
  fa3ccc50f62a8982c14010b63edf30c903d4db47f04891c6e466a70ada17cfe7
- Size
  
  164KB
- MD5
  
  0f5a1204375836b9d629b7037182188f
- SHA1
  
  5cae7a30b31a1bb970493037bbd4f6b313cbc95e
- SHA256
  
  fa3ccc50f62a8982c14010b63edf30c903d4db47f04891c6e466a70ada17cfe7
- SHA512
  
  53b8d68e54a0f5a2c2040dd70ac4870b55cee63168bf18c4cc3958d8fb3a724a6abab10ca2f8a173275ef4f475461c383b3399c28b6ea602b6b89619a22247d0
- SSDEEP
  
  3072:ad+f7iktHPS9XPu9UGbOEVFW5D5QCEGVNUF9koY2RTjLuR+dh3g2XLx:R2ktvePuO3yQ+wVoTjS+dS2X
Score

8^/10

persistence spyware stealer upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealerupx

behavioral2