f754cfffbf4aabc5596db132af60fefcc56ff417d322d71ad7f7090b2252c4c5 | Triage

Sharing

General

Target

f754cfffbf4aabc5596db132af60fefcc56ff417d322d71ad7f7090b2252c4c5
Size

770KB
Sample

221124-fcwtyshh95
MD5

715d0dd323ef4a5c403a82337c952640
SHA1

fa8c0becb292b31cf095d36bbe74b202de696070
SHA256

f754cfffbf4aabc5596db132af60fefcc56ff417d322d71ad7f7090b2252c4c5
SHA512

8ee5b6e5515508883f75ca0e043e0e72d907442204285b792362bb70d042f0286f7844dddd01ac47d580c67811bd8c5017b4dcd0ae45b8cd8a50287737e600b8
SSDEEP

24576:h1OYdaOhGiAEAd/KjjBKyu73i8mxcmMMV6zs+G/a:h1OsKMAd/OxfV6zZGS

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  f754cfffbf4aabc5596db132af60fefcc56ff417d322d71ad7f7090b2252c4c5
- Size
  
  770KB
- MD5
  
  715d0dd323ef4a5c403a82337c952640
- SHA1
  
  fa8c0becb292b31cf095d36bbe74b202de696070
- SHA256
  
  f754cfffbf4aabc5596db132af60fefcc56ff417d322d71ad7f7090b2252c4c5
- SHA512
  
  8ee5b6e5515508883f75ca0e043e0e72d907442204285b792362bb70d042f0286f7844dddd01ac47d580c67811bd8c5017b4dcd0ae45b8cd8a50287737e600b8
- SSDEEP
  
  24576:h1OYdaOhGiAEAd/KjjBKyu73i8mxcmMMV6zs+G/a:h1OsKMAd/OxfV6zZGS
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer