718d3a7a37104d5580e9d417b46300a3ef9333e3196adb0b64fc9d0d6a402605 | Triage

Sharing

General

Target

718d3a7a37104d5580e9d417b46300a3ef9333e3196adb0b64fc9d0d6a402605
Size

931KB
Sample

221124-jxan1adc3x
MD5

7263f976613bca3a8a2c6a89c7a1ff19
SHA1

850ff201fa97559a44e1e90ebc5ba05eb38b4b64
SHA256

718d3a7a37104d5580e9d417b46300a3ef9333e3196adb0b64fc9d0d6a402605
SHA512

ac4a22d899066ad992dd55d5230dd5eb56ce49081d69e2a5e7406fe25b87665093b496d42eabc21a8e2a13ff57a0106d85966b07b9d47b5134eddcb99e421d26
SSDEEP

24576:h1OYdaOXMWSUbvCXEQKSqGv8VWumF6RmcJozyPvpfs:h1OslMWyUQ+GUVFIcHPvpfs

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  718d3a7a37104d5580e9d417b46300a3ef9333e3196adb0b64fc9d0d6a402605
- Size
  
  931KB
- MD5
  
  7263f976613bca3a8a2c6a89c7a1ff19
- SHA1
  
  850ff201fa97559a44e1e90ebc5ba05eb38b4b64
- SHA256
  
  718d3a7a37104d5580e9d417b46300a3ef9333e3196adb0b64fc9d0d6a402605
- SHA512
  
  ac4a22d899066ad992dd55d5230dd5eb56ce49081d69e2a5e7406fe25b87665093b496d42eabc21a8e2a13ff57a0106d85966b07b9d47b5134eddcb99e421d26
- SSDEEP
  
  24576:h1OYdaOXMWSUbvCXEQKSqGv8VWumF6RmcJozyPvpfs:h1OslMWyUQ+GUVFIcHPvpfs
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer