f9e4599ee055a00db9c07a83a78d6caec8daa1e8f1a00ccd1e9224993faab25f | Triage

Sharing

General

Target

f9e4599ee055a00db9c07a83a78d6caec8daa1e8f1a00ccd1e9224993faab25f
Size

919KB
Sample

221124-t594yaff74
MD5

47f698eb6a7cff5adb27ded67538fbff
SHA1

b037740f65590e889535f903807f4d65cad856a1
SHA256

f9e4599ee055a00db9c07a83a78d6caec8daa1e8f1a00ccd1e9224993faab25f
SHA512

f25e237fd9f2f49bb858e6021286ddbb8c81adfe5f58337439305252bbae43444edc8cc1880363fc9d8551ed876b94991ffa84d785abba740b3c0f2d9ecc2bb4
SSDEEP

24576:h1OYdaOqjFsFHonBxOOO6fmR+ikkY2Es1JpI:h1OsEjFsF6BIZ6OR+zs1JpI

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  f9e4599ee055a00db9c07a83a78d6caec8daa1e8f1a00ccd1e9224993faab25f
- Size
  
  919KB
- MD5
  
  47f698eb6a7cff5adb27ded67538fbff
- SHA1
  
  b037740f65590e889535f903807f4d65cad856a1
- SHA256
  
  f9e4599ee055a00db9c07a83a78d6caec8daa1e8f1a00ccd1e9224993faab25f
- SHA512
  
  f25e237fd9f2f49bb858e6021286ddbb8c81adfe5f58337439305252bbae43444edc8cc1880363fc9d8551ed876b94991ffa84d785abba740b3c0f2d9ecc2bb4
- SSDEEP
  
  24576:h1OYdaOqjFsFHonBxOOO6fmR+ikkY2Es1JpI:h1OsEjFsF6BIZ6OR+zs1JpI
Score

8^/10

spyware stealer discovery
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

discoveryspywarestealer