80a824505761c54d7dd466e06c334f7ada2459f280f5ade9e0e8350c2416854c | Triage

Sharing

General

Target

80a824505761c54d7dd466e06c334f7ada2459f280f5ade9e0e8350c2416854c
Size

925KB
Sample

221124-jwhyzsac55
MD5

0b014a33e968956d3e2b2c8bba08e2c2
SHA1

e2f9df76473a2a59ba0cc82746765b5f9a808f27
SHA256

80a824505761c54d7dd466e06c334f7ada2459f280f5ade9e0e8350c2416854c
SHA512

083fdd321b718a23394a0a837615aaff5c48742d9c6e9b2323cef19192a7e156ad4b2be3bf0041f03ef6ce74800d7d5a7d3c5ad4a4f7b30f77af13767802bcff
SSDEEP

24576:h1OYdaOOfC5S9N6w6EVX1Lh+mN5Z4E8IlIyYuXf:h1Os7MN6wdBh5N5Z4E8PuXf

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  80a824505761c54d7dd466e06c334f7ada2459f280f5ade9e0e8350c2416854c
- Size
  
  925KB
- MD5
  
  0b014a33e968956d3e2b2c8bba08e2c2
- SHA1
  
  e2f9df76473a2a59ba0cc82746765b5f9a808f27
- SHA256
  
  80a824505761c54d7dd466e06c334f7ada2459f280f5ade9e0e8350c2416854c
- SHA512
  
  083fdd321b718a23394a0a837615aaff5c48742d9c6e9b2323cef19192a7e156ad4b2be3bf0041f03ef6ce74800d7d5a7d3c5ad4a4f7b30f77af13767802bcff
- SSDEEP
  
  24576:h1OYdaOOfC5S9N6w6EVX1Lh+mN5Z4E8IlIyYuXf:h1Os7MN6wdBh5N5Z4E8PuXf
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer