ee56b86b970d527171b43151eebb64e99eec7fb19a34eba5d5c85b93a4df6648 | Triage

Sharing

General

Target

ee56b86b970d527171b43151eebb64e99eec7fb19a34eba5d5c85b93a4df6648
Size

248KB
Sample

221121-r2h5yahe21
MD5

1097dc31c29ea32eb1f3d1cee3204cf4
SHA1

e440c8153ef13f6e36522f3beea1462def2da3f0
SHA256

ee56b86b970d527171b43151eebb64e99eec7fb19a34eba5d5c85b93a4df6648
SHA512

29d87e514e93afbcb8468a83c56ef1bc935a21a787a0facd343832397411f99bed8043ce8f668aeaa58bfa0a8299869157f4a83af4b986603c05dd594df9aa2f
SSDEEP

384:fTMMqbB36nG74lN+w+wp1jMly4SREO53yPt36n:fIVVuGS+Xy48EO5iP5u

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  ee56b86b970d527171b43151eebb64e99eec7fb19a34eba5d5c85b93a4df6648
- Size
  
  248KB
- MD5
  
  1097dc31c29ea32eb1f3d1cee3204cf4
- SHA1
  
  e440c8153ef13f6e36522f3beea1462def2da3f0
- SHA256
  
  ee56b86b970d527171b43151eebb64e99eec7fb19a34eba5d5c85b93a4df6648
- SHA512
  
  29d87e514e93afbcb8468a83c56ef1bc935a21a787a0facd343832397411f99bed8043ce8f668aeaa58bfa0a8299869157f4a83af4b986603c05dd594df9aa2f
- SSDEEP
  
  384:fTMMqbB36nG74lN+w+wp1jMly4SREO53yPt36n:fIVVuGS+Xy48EO5iP5u
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer