9970e2118566ee4cf2d23aa622724d8727b18afaea5f8ccde8065d91e5527392 | Triage

Sharing

General

Target

9970e2118566ee4cf2d23aa622724d8727b18afaea5f8ccde8065d91e5527392
Size

895KB
Sample

221123-s44ebsgb2z
MD5

7ac3d111b076546c81021a5b6e81fdee
SHA1

9941a8883ff3c9dbbf7e46292d6f1630247f9e95
SHA256

9970e2118566ee4cf2d23aa622724d8727b18afaea5f8ccde8065d91e5527392
SHA512

534958eeef30223b78accfb2768fcbff70a62d85542b8870e07d268568742b04f691d826eec5a069c2e09919894e7e4c229823057e6b48667a32f58b41997e2f
SSDEEP

24576:AloxEeSPPoK3IcHxcM6toNTGETPMHfz5J:AXPwKVRN79VT+

Score

8^/10

discovery persistence spyware stealer upx

Malware Config

Targets

- Target
  
  9970e2118566ee4cf2d23aa622724d8727b18afaea5f8ccde8065d91e5527392
- Size
  
  895KB
- MD5
  
  7ac3d111b076546c81021a5b6e81fdee
- SHA1
  
  9941a8883ff3c9dbbf7e46292d6f1630247f9e95
- SHA256
  
  9970e2118566ee4cf2d23aa622724d8727b18afaea5f8ccde8065d91e5527392
- SHA512
  
  534958eeef30223b78accfb2768fcbff70a62d85542b8870e07d268568742b04f691d826eec5a069c2e09919894e7e4c229823057e6b48667a32f58b41997e2f
- SSDEEP
  
  24576:AloxEeSPPoK3IcHxcM6toNTGETPMHfz5J:AXPwKVRN79VT+
Score

8^/10

discovery persistence spyware stealer upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistencespywarestealerupx

behavioral2