fbcc631f1091491bffe31eece5939ed36a62dc00be9d098dab8383e2044889a7 | Triage

Sharing

General

Target

fbcc631f1091491bffe31eece5939ed36a62dc00be9d098dab8383e2044889a7
Size

920KB
Sample

221124-t2wr5saf8x
MD5

148bd3011f5a3e3ad094383ba5491fc4
SHA1

f4a3007afd4a74e9d3799b3ca5c1c74760366f1a
SHA256

fbcc631f1091491bffe31eece5939ed36a62dc00be9d098dab8383e2044889a7
SHA512

cb4cf8fc2fdae2ee6ae6b5b7cf857489384a599c0424ed79acd2a372897737a7e7d566950c0b74f416f642f2577eca4aa5b2b330c036a252e40ba1d1e8b17ab6
SSDEEP

24576:h1OYdaOpMtdHAqcdDVhYwiei7+EpFAh/kKT:h1OsYPHVmVhYwiLtKkKT

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  fbcc631f1091491bffe31eece5939ed36a62dc00be9d098dab8383e2044889a7
- Size
  
  920KB
- MD5
  
  148bd3011f5a3e3ad094383ba5491fc4
- SHA1
  
  f4a3007afd4a74e9d3799b3ca5c1c74760366f1a
- SHA256
  
  fbcc631f1091491bffe31eece5939ed36a62dc00be9d098dab8383e2044889a7
- SHA512
  
  cb4cf8fc2fdae2ee6ae6b5b7cf857489384a599c0424ed79acd2a372897737a7e7d566950c0b74f416f642f2577eca4aa5b2b330c036a252e40ba1d1e8b17ab6
- SSDEEP
  
  24576:h1OYdaOpMtdHAqcdDVhYwiei7+EpFAh/kKT:h1OsYPHVmVhYwiLtKkKT
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2