642b91aa576278fc7ca693a407aaf355416fc6be38973a16879647be6eb3a3a1 | Triage

Sharing

General

Target

642b91aa576278fc7ca693a407aaf355416fc6be38973a16879647be6eb3a3a1
Size

919KB
Sample

221124-e9hg6ach2w
MD5

80e9a11450503b06b97ffccdcc6b6815
SHA1

74712879f86b741f75cdbdc37d6f8b5922b624b7
SHA256

642b91aa576278fc7ca693a407aaf355416fc6be38973a16879647be6eb3a3a1
SHA512

e24c328aaf11e8fe26f29e3b514896fcf27f33c0a5c3f0169b878fb89ce502626fb4b9402e16774b46c0a61dfc77f10257736607858c9abc2f004f3eb8f4378f
SSDEEP

24576:bUac7EJEhlpyouGViLlvOijoJFRJHJ2rHb3k:b27E4LDVQvOijoRJpOH4

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  642b91aa576278fc7ca693a407aaf355416fc6be38973a16879647be6eb3a3a1
- Size
  
  919KB
- MD5
  
  80e9a11450503b06b97ffccdcc6b6815
- SHA1
  
  74712879f86b741f75cdbdc37d6f8b5922b624b7
- SHA256
  
  642b91aa576278fc7ca693a407aaf355416fc6be38973a16879647be6eb3a3a1
- SHA512
  
  e24c328aaf11e8fe26f29e3b514896fcf27f33c0a5c3f0169b878fb89ce502626fb4b9402e16774b46c0a61dfc77f10257736607858c9abc2f004f3eb8f4378f
- SSDEEP
  
  24576:bUac7EJEhlpyouGViLlvOijoJFRJHJ2rHb3k:b27E4LDVQvOijoRJpOH4
Score

8^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2