daf7e49ade01fd8615887b5c12f4103d60f41811dbe25c51fdac7cbe7f863b43 | Triage

Sharing

General

Target

daf7e49ade01fd8615887b5c12f4103d60f41811dbe25c51fdac7cbe7f863b43
Size

2.7MB
Sample

221124-nkf3gaag64
MD5

dd55ceacd0dc136d415e6b00202ac6b5
SHA1

f6f6951526f73e092099651c3bd115f6586efb25
SHA256

daf7e49ade01fd8615887b5c12f4103d60f41811dbe25c51fdac7cbe7f863b43
SHA512

86e193624a05c8d83136c838b42d54e297e54f04d11978068ac082f5239d63a8b6ced1548a36d83865d961ddf83a9c70d1e5c033d0b6aa5a4bde573fdaa2e1ff
SSDEEP

49152:o+xRGdb7OQeYhnUVSTY9gY5+rkCq2HfmIMcWACmJW3k8H6:LRGbvfY9gY8rkCq2/NWAHW

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  daf7e49ade01fd8615887b5c12f4103d60f41811dbe25c51fdac7cbe7f863b43
- Size
  
  2.7MB
- MD5
  
  dd55ceacd0dc136d415e6b00202ac6b5
- SHA1
  
  f6f6951526f73e092099651c3bd115f6586efb25
- SHA256
  
  daf7e49ade01fd8615887b5c12f4103d60f41811dbe25c51fdac7cbe7f863b43
- SHA512
  
  86e193624a05c8d83136c838b42d54e297e54f04d11978068ac082f5239d63a8b6ced1548a36d83865d961ddf83a9c70d1e5c033d0b6aa5a4bde573fdaa2e1ff
- SSDEEP
  
  49152:o+xRGdb7OQeYhnUVSTY9gY5+rkCq2HfmIMcWACmJW3k8H6:LRGbvfY9gY8rkCq2/NWAHW
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer