30f03371758b8156e15f62884995590ef5c742577744a8ab8c9fe68ce305407e | Triage

Sharing

General

Target

30f03371758b8156e15f62884995590ef5c742577744a8ab8c9fe68ce305407e
Size

781KB
Sample

221124-fx196sbd62
MD5

f0003d75d6830d3d99b06a06d9bf0f36
SHA1

a0c2a44e9c486c3e3e9d1ff7e00cba6c44a1d0ce
SHA256

30f03371758b8156e15f62884995590ef5c742577744a8ab8c9fe68ce305407e
SHA512

39d3f33326a344e9075fac1f6a423ccb918def91cb6f95ad673a44ebd85a4c31ba37eb5da957f44558d3aef94b02d255d4c15437fcf6fe47093255966443ddf5
SSDEEP

24576:h1OYdaOxGiAEAd/KjjBKyu73i8mxcmMMV6zs+G/7:h1OsiMAd/OxfV6zZGT

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  30f03371758b8156e15f62884995590ef5c742577744a8ab8c9fe68ce305407e
- Size
  
  781KB
- MD5
  
  f0003d75d6830d3d99b06a06d9bf0f36
- SHA1
  
  a0c2a44e9c486c3e3e9d1ff7e00cba6c44a1d0ce
- SHA256
  
  30f03371758b8156e15f62884995590ef5c742577744a8ab8c9fe68ce305407e
- SHA512
  
  39d3f33326a344e9075fac1f6a423ccb918def91cb6f95ad673a44ebd85a4c31ba37eb5da957f44558d3aef94b02d255d4c15437fcf6fe47093255966443ddf5
- SSDEEP
  
  24576:h1OYdaOxGiAEAd/KjjBKyu73i8mxcmMMV6zs+G/7:h1OsiMAd/OxfV6zZGT
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer