fb8932080586401a0dcde8600985f99090c6b710dd94458902e0490829706343 | Triage

Sharing

General

Target

fb8932080586401a0dcde8600985f99090c6b710dd94458902e0490829706343
Size

931KB
Sample

221124-t3cewsag2v
MD5

d75eca147345f8297b1c5e7ec72ff370
SHA1

577d19a0a69ccf1c0411a5a2f9177c2e6090d87f
SHA256

fb8932080586401a0dcde8600985f99090c6b710dd94458902e0490829706343
SHA512

511e992285166c7ca2eee5e05d8ba3b28ea5d3056dedb120be856d493448e3bf0f2668479aea1e59069838b4b369db5f40091a50f23a46bfb9e7bb9779b57c6d
SSDEEP

24576:h1OYdaO2CZ/iWCvu/2sWsJA/jlt+DHhsF:h1OsICpYO/dJJDHhsF

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  fb8932080586401a0dcde8600985f99090c6b710dd94458902e0490829706343
- Size
  
  931KB
- MD5
  
  d75eca147345f8297b1c5e7ec72ff370
- SHA1
  
  577d19a0a69ccf1c0411a5a2f9177c2e6090d87f
- SHA256
  
  fb8932080586401a0dcde8600985f99090c6b710dd94458902e0490829706343
- SHA512
  
  511e992285166c7ca2eee5e05d8ba3b28ea5d3056dedb120be856d493448e3bf0f2668479aea1e59069838b4b369db5f40091a50f23a46bfb9e7bb9779b57c6d
- SSDEEP
  
  24576:h1OYdaO2CZ/iWCvu/2sWsJA/jlt+DHhsF:h1OsICpYO/dJJDHhsF
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer