fc759766d46607218f06a91fa1fa053b2cc45e0a660fc632fe2b6a3fa9e36a9c | Triage

Sharing

General

Target

fc759766d46607218f06a91fa1fa053b2cc45e0a660fc632fe2b6a3fa9e36a9c
Size

927KB
Sample

221124-t1jq7aae9t
MD5

2b4b1ba74c1ea3a951c1e074a3a5bb5b
SHA1

febd062ff9246f4d9eac38c2f3cf52be898186b3
SHA256

fc759766d46607218f06a91fa1fa053b2cc45e0a660fc632fe2b6a3fa9e36a9c
SHA512

5e9c59f7050663fed020802db07ef4dd85bc93d4a592ebade5dcfc4533fa939a9f3c2f8a458dda6d2a63f6c1fd8ee661c5bdba1355310a32053239f49b043e2d
SSDEEP

24576:h1OYdaOujqjInQju5vMu6qN2FctIOBYXZBai3GBlgpKLe/7rc:h1OsOQjO6HHzayGBe/7rc

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  fc759766d46607218f06a91fa1fa053b2cc45e0a660fc632fe2b6a3fa9e36a9c
- Size
  
  927KB
- MD5
  
  2b4b1ba74c1ea3a951c1e074a3a5bb5b
- SHA1
  
  febd062ff9246f4d9eac38c2f3cf52be898186b3
- SHA256
  
  fc759766d46607218f06a91fa1fa053b2cc45e0a660fc632fe2b6a3fa9e36a9c
- SHA512
  
  5e9c59f7050663fed020802db07ef4dd85bc93d4a592ebade5dcfc4533fa939a9f3c2f8a458dda6d2a63f6c1fd8ee661c5bdba1355310a32053239f49b043e2d
- SSDEEP
  
  24576:h1OYdaOujqjInQju5vMu6qN2FctIOBYXZBai3GBlgpKLe/7rc:h1OsOQjO6HHzayGBe/7rc
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer