9ac48d51837d6381c5e843d0eac2e4272213d56ac83cb69d35f557f4500f3b4b | Triage

Submit
Reports

Overview

overview

9

Static

static

9ac48d5183...4b.exe

windows7-x64

9

9ac48d5183...4b.exe

windows10-2004-x64

9

Sharing

General

Target

9ac48d51837d6381c5e843d0eac2e4272213d56ac83cb69d35f557f4500f3b4b
Size

393KB
Sample

221123-qvch5seh63
MD5

5a59e990490fcb2682313ed67eabbd76
SHA1

fe659afdfbc359195fa4fd2905d863aa48a05719
SHA256

9ac48d51837d6381c5e843d0eac2e4272213d56ac83cb69d35f557f4500f3b4b
SHA512

3e436974b453898b98a14752495bea53a62962054243ecd38a199381dfedc088abba659c43ca40db7a130d6880546314a2fac867e7e830b6703244dd84e19d95
SSDEEP

12288:SK7a4rM4aDbulrp+U1hmekZ997yysjlKTU25fjtm:SK7aEHaPErh3mPaj8TU25Lg

Score

9^/10

spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

9ac48d51837d6381c5e843d0eac2e4272213d56ac83cb69d35f557f4500f3b4b.exe

Resource

win7-20220812-en

spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

9ac48d51837d6381c5e843d0eac2e4272213d56ac83cb69d35f557f4500f3b4b.exe

Resource

win10v2004-20220901-en

spyware stealer

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  9ac48d51837d6381c5e843d0eac2e4272213d56ac83cb69d35f557f4500f3b4b
- Size
  
  393KB
- MD5
  
  5a59e990490fcb2682313ed67eabbd76
- SHA1
  
  fe659afdfbc359195fa4fd2905d863aa48a05719
- SHA256
  
  9ac48d51837d6381c5e843d0eac2e4272213d56ac83cb69d35f557f4500f3b4b
- SHA512
  
  3e436974b453898b98a14752495bea53a62962054243ecd38a199381dfedc088abba659c43ca40db7a130d6880546314a2fac867e7e830b6703244dd84e19d95
- SSDEEP
  
  12288:SK7a4rM4aDbulrp+U1hmekZ997yysjlKTU25fjtm:SK7aEHaPErh3mPaj8TU25Lg
Score

9^/10

spyware stealer
- NirSoft WebBrowserPassView
  Password recovery tool for various web browsers
- Nirsoft
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy