770cf0c47d145762552b395689dc294a1d5c4b7973801641e015722e478bc670 | Triage

Sharing

General

Target

770cf0c47d145762552b395689dc294a1d5c4b7973801641e015722e478bc670
Size

54KB
Sample

221123-m7jansbb7y
MD5

9cb80e012124b9b49f3c27b1cf4d6dd1
SHA1

fa55e5f168961f2978222a7e872fe012a37e5fe9
SHA256

770cf0c47d145762552b395689dc294a1d5c4b7973801641e015722e478bc670
SHA512

07d82ccf0b5a385d18fde0382873da0facd951d4f33ee420930a6f073e52c23ee29bc80e33f805ea8d3df93e8d1ab3958b9e63b3d77904071b298b7ced1ab70f
SSDEEP

1536:5E027/dpXuKPlCVS1we+EQvro7flW3vr3YI6GeG:5Pg/dp+KFqe7aro7d6l

Score

10^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  770cf0c47d145762552b395689dc294a1d5c4b7973801641e015722e478bc670
- Size
  
  54KB
- MD5
  
  9cb80e012124b9b49f3c27b1cf4d6dd1
- SHA1
  
  fa55e5f168961f2978222a7e872fe012a37e5fe9
- SHA256
  
  770cf0c47d145762552b395689dc294a1d5c4b7973801641e015722e478bc670
- SHA512
  
  07d82ccf0b5a385d18fde0382873da0facd951d4f33ee420930a6f073e52c23ee29bc80e33f805ea8d3df93e8d1ab3958b9e63b3d77904071b298b7ced1ab70f
- SSDEEP
  
  1536:5E027/dpXuKPlCVS1we+EQvro7flW3vr3YI6GeG:5Pg/dp+KFqe7aro7d6l
Score

10^/10

persistence spyware stealer
- Modifies WinLogon for persistence
  persistence
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2