f0e6af3f60f5277a7eb994bf7065b4bc878ff152016ec4a5c91b00049bbe264a | Triage

Sharing

General

Target

f0e6af3f60f5277a7eb994bf7065b4bc878ff152016ec4a5c91b00049bbe264a
Size

1.6MB
Sample

221123-pyzmeace89
MD5

8807f99f6306688f154090c5b90acbe7
SHA1

5dec3390c7474a44c7f697fa6cc3ec444a89ea6c
SHA256

f0e6af3f60f5277a7eb994bf7065b4bc878ff152016ec4a5c91b00049bbe264a
SHA512

7dd0685d3846661d01e2e1d54de88357bc55ba33149d43e59febbcc1f4df47070860891738187564b8834657cb7548691cec7e8cb5076c181f501a229b4b2048
SSDEEP

24576:E3Kxpq7FXyYZ3j4MO6l0eKYtiLXftzcNbOKX3lav8lNKJ5mGCkHF+5cB6Piq2sDy:g7Np8MO6wLG1av8NKII6nBF0

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  f0e6af3f60f5277a7eb994bf7065b4bc878ff152016ec4a5c91b00049bbe264a
- Size
  
  1.6MB
- MD5
  
  8807f99f6306688f154090c5b90acbe7
- SHA1
  
  5dec3390c7474a44c7f697fa6cc3ec444a89ea6c
- SHA256
  
  f0e6af3f60f5277a7eb994bf7065b4bc878ff152016ec4a5c91b00049bbe264a
- SHA512
  
  7dd0685d3846661d01e2e1d54de88357bc55ba33149d43e59febbcc1f4df47070860891738187564b8834657cb7548691cec7e8cb5076c181f501a229b4b2048
- SSDEEP
  
  24576:E3Kxpq7FXyYZ3j4MO6l0eKYtiLXftzcNbOKX3lav8lNKJ5mGCkHF+5cB6Piq2sDy:g7Np8MO6wLG1av8NKII6nBF0
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer