92355e4c6e476d6f37fb54472df11b25e9cf1ca64914c5b1a7213c368fa20f46 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

92355e4c6e476d6f37fb54472df11b25e9cf1ca64914c5b1a7213c368fa20f46
Size

94KB
Sample

221124-arew4aac9y
MD5

26056f0e3111eca361f4ca8d723a7110
SHA1

4fdad4d37073d1051ca06fc0ef6bbde8389de203
SHA256

92355e4c6e476d6f37fb54472df11b25e9cf1ca64914c5b1a7213c368fa20f46
SHA512

fea9c341a0b86b8da16a2f3d3427969e09bafa92b4606a0454b79aae273477baafa8b87bcbf2f57cee00115cae7d648aba8fdd8a990c1cdd80718bf9d367f000
SSDEEP

1536:J7QaYzMXqtGN/CstC9qVFDZbLyvpYH24iAgPuLdIK6L5ct39:JkaY46tGNFC0VFFbLRixK6L56N

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  92355e4c6e476d6f37fb54472df11b25e9cf1ca64914c5b1a7213c368fa20f46
- Size
  
  94KB
- MD5
  
  26056f0e3111eca361f4ca8d723a7110
- SHA1
  
  4fdad4d37073d1051ca06fc0ef6bbde8389de203
- SHA256
  
  92355e4c6e476d6f37fb54472df11b25e9cf1ca64914c5b1a7213c368fa20f46
- SHA512
  
  fea9c341a0b86b8da16a2f3d3427969e09bafa92b4606a0454b79aae273477baafa8b87bcbf2f57cee00115cae7d648aba8fdd8a990c1cdd80718bf9d367f000
- SSDEEP
  
  1536:J7QaYzMXqtGN/CstC9qVFDZbLyvpYH24iAgPuLdIK6L5ct39:JkaY46tGNFC0VFFbLRixK6L56N
Score

8^/10

spyware stealer
- Drops file in Drivers directory
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2