747d9de59bd0fd7c884cbef4de3b8bf63f9daa5a0a088932f61a4780ce95a83e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

747d9de59bd0fd7c884cbef4de3b8bf63f9daa5a0a088932f61a4780ce95a83e
Size

1.4MB
Sample

221121-njp9raca81
MD5

10cd97fb158b9aa8d8a2372878f79c9e
SHA1

fd5ab73f7c1a275ffc802af98531e6f9b580b86a
SHA256

747d9de59bd0fd7c884cbef4de3b8bf63f9daa5a0a088932f61a4780ce95a83e
SHA512

f06c7b19c5a0fcb7c369e95408c14aaa6f258713aaa31e7af16d8b9cac77e69cd4a2f1627464ce46e393cd082d3c12abbc65c1779c67b07ad8de1eedd5eb6b6b
SSDEEP

24576:fayGQeN/7DSBfWhlwMnN4iwFx2iQeN/7DSBfWhCr59Ms96H0j:ypph7GBfW7wENCjfph7GBfWqMRHk

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  747d9de59bd0fd7c884cbef4de3b8bf63f9daa5a0a088932f61a4780ce95a83e
- Size
  
  1.4MB
- MD5
  
  10cd97fb158b9aa8d8a2372878f79c9e
- SHA1
  
  fd5ab73f7c1a275ffc802af98531e6f9b580b86a
- SHA256
  
  747d9de59bd0fd7c884cbef4de3b8bf63f9daa5a0a088932f61a4780ce95a83e
- SHA512
  
  f06c7b19c5a0fcb7c369e95408c14aaa6f258713aaa31e7af16d8b9cac77e69cd4a2f1627464ce46e393cd082d3c12abbc65c1779c67b07ad8de1eedd5eb6b6b
- SSDEEP
  
  24576:fayGQeN/7DSBfWhlwMnN4iwFx2iQeN/7DSBfWhCr59Ms96H0j:ypph7GBfW7wENCjfph7GBfWqMRHk
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2