fe19654710805a0ddc42b1e5bbc265f2c02bb8454eff4b6b33d36316f1568611 | Triage

Sharing

General

Target

fe19654710805a0ddc42b1e5bbc265f2c02bb8454eff4b6b33d36316f1568611
Size

931KB
Sample

221124-txlflsad5w
MD5

ce50953fca4a76305a6357be672f039d
SHA1

5ffb0d273fa3598cb1bbeea521c2e14665c6f78c
SHA256

fe19654710805a0ddc42b1e5bbc265f2c02bb8454eff4b6b33d36316f1568611
SHA512

fdcc5daa37742b0cb805bbef2b22824563bd75f8411ae0f7019b30570a00d47c17c4310b2e9e79a20882c0fa969be7a569a0cf66da4f61f534b6cdcce896d391
SSDEEP

24576:h1OYdaOcCZ/iWCvu/2sWsJA/jlt+DHhsd:h1OsmCpYO/dJJDHhsd

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  fe19654710805a0ddc42b1e5bbc265f2c02bb8454eff4b6b33d36316f1568611
- Size
  
  931KB
- MD5
  
  ce50953fca4a76305a6357be672f039d
- SHA1
  
  5ffb0d273fa3598cb1bbeea521c2e14665c6f78c
- SHA256
  
  fe19654710805a0ddc42b1e5bbc265f2c02bb8454eff4b6b33d36316f1568611
- SHA512
  
  fdcc5daa37742b0cb805bbef2b22824563bd75f8411ae0f7019b30570a00d47c17c4310b2e9e79a20882c0fa969be7a569a0cf66da4f61f534b6cdcce896d391
- SSDEEP
  
  24576:h1OYdaOcCZ/iWCvu/2sWsJA/jlt+DHhsd:h1OsmCpYO/dJJDHhsd
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer