fe85399d000b650c89be3880a8f7fe29e641cbecca7f31cdd710989aeeb244b5 | Triage

Sharing

General

Target

fe85399d000b650c89be3880a8f7fe29e641cbecca7f31cdd710989aeeb244b5
Size

931KB
Sample

221124-tw1h5sfb24
MD5

11045bc51d814f508b0ac6fe74de1b5c
SHA1

1923dcc2ef489c61d3453c51783972c5e311f014
SHA256

fe85399d000b650c89be3880a8f7fe29e641cbecca7f31cdd710989aeeb244b5
SHA512

bb3691564ecdf3682ef0a585abf6f5410afcdba174e509da0712c5beda0179f544fd9fe15d720624e624ee78a9fe4641f9ae2054db6d7fa97f2137833feade20
SSDEEP

24576:h1OYdaOECZ/iWCvu/2sWsJA/jlt+DHhsg:h1OsOCpYO/dJJDHhsg

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  fe85399d000b650c89be3880a8f7fe29e641cbecca7f31cdd710989aeeb244b5
- Size
  
  931KB
- MD5
  
  11045bc51d814f508b0ac6fe74de1b5c
- SHA1
  
  1923dcc2ef489c61d3453c51783972c5e311f014
- SHA256
  
  fe85399d000b650c89be3880a8f7fe29e641cbecca7f31cdd710989aeeb244b5
- SHA512
  
  bb3691564ecdf3682ef0a585abf6f5410afcdba174e509da0712c5beda0179f544fd9fe15d720624e624ee78a9fe4641f9ae2054db6d7fa97f2137833feade20
- SSDEEP
  
  24576:h1OYdaOECZ/iWCvu/2sWsJA/jlt+DHhsg:h1OsOCpYO/dJJDHhsg
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer