dfd96d2a769c2fb1e86c5903d7a67482bce1be3d31feb05658df88b6a77ef397 | Triage

Sharing

General

Target

dfd96d2a769c2fb1e86c5903d7a67482bce1be3d31feb05658df88b6a77ef397
Size

2.4MB
Sample

221123-s47fzsda85
MD5

9d5437a3eafa7218ae228e3546bd9049
SHA1

7ce75fed3a8f166778e45126ca82dda8a633b61b
SHA256

dfd96d2a769c2fb1e86c5903d7a67482bce1be3d31feb05658df88b6a77ef397
SHA512

534d6e3fc442a421cba054aa68437fe349c5110197b12c12d163d4195e8d0d61a7e350f652e12c71151e4897fcb5e4251e346a16f82b6dd7dfe4a28e08e1a5d6
SSDEEP

49152:Sl0SXj3pj0xgSCCpn6sVGUUWDEbYrQ2CaT5zixjuB8S7ayij3nJAd3:SlJT3pj0qSCCpn6h8DsYrIaT5zaju8EY

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  dfd96d2a769c2fb1e86c5903d7a67482bce1be3d31feb05658df88b6a77ef397
- Size
  
  2.4MB
- MD5
  
  9d5437a3eafa7218ae228e3546bd9049
- SHA1
  
  7ce75fed3a8f166778e45126ca82dda8a633b61b
- SHA256
  
  dfd96d2a769c2fb1e86c5903d7a67482bce1be3d31feb05658df88b6a77ef397
- SHA512
  
  534d6e3fc442a421cba054aa68437fe349c5110197b12c12d163d4195e8d0d61a7e350f652e12c71151e4897fcb5e4251e346a16f82b6dd7dfe4a28e08e1a5d6
- SSDEEP
  
  49152:Sl0SXj3pj0xgSCCpn6sVGUUWDEbYrQ2CaT5zixjuB8S7ayij3nJAd3:SlJT3pj0qSCCpn6h8DsYrIaT5zaju8EY
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer