fdebacdcad117f439960157451fe5a6be4b3ba550bc3ce094cab40102688f789 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdebacdcad117f439960157451fe5a6be4b3ba550bc3ce094cab40102688f789
Size

128KB
Sample

221107-zsbcqsbdgp
MD5

0d0301051e5406a4ba34289ec7efb640
SHA1

dedb6b8198310ed190586ac6d7ccb1cdcbe883b5
SHA256

fdebacdcad117f439960157451fe5a6be4b3ba550bc3ce094cab40102688f789
SHA512

ebda9e083ae7fe615e357bcb1c879769425c868d6c4a6211539be44119af2c5f62fbc3939153cf4e422a1383954e89c7e457d69dd81accda6950810445a008c3
SSDEEP

3072:Ipe+aX3zv/TM3lptA7bwdGa2Utex/xCU+rKol:1+aX3LKA7bhYl

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  fdebacdcad117f439960157451fe5a6be4b3ba550bc3ce094cab40102688f789
- Size
  
  128KB
- MD5
  
  0d0301051e5406a4ba34289ec7efb640
- SHA1
  
  dedb6b8198310ed190586ac6d7ccb1cdcbe883b5
- SHA256
  
  fdebacdcad117f439960157451fe5a6be4b3ba550bc3ce094cab40102688f789
- SHA512
  
  ebda9e083ae7fe615e357bcb1c879769425c868d6c4a6211539be44119af2c5f62fbc3939153cf4e422a1383954e89c7e457d69dd81accda6950810445a008c3
- SSDEEP
  
  3072:Ipe+aX3zv/TM3lptA7bwdGa2Utex/xCU+rKol:1+aX3LKA7bhYl
Score

8^/10

spyware stealer
- Executes dropped EXE
- Deletes itself
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2