fd3d9dcf526246915a31c172ecfcf00c599ca3c8401f0a50c0878da861affb88 | Triage

Sharing

General

Target

fd3d9dcf526246915a31c172ecfcf00c599ca3c8401f0a50c0878da861affb88
Size

920KB
Sample

221124-ty57eaae3s
MD5

ca3741e0b8d7f8318603a1ac5f3aaa97
SHA1

ca1e4a22623eb77e1a79c010c86b01bc2ecb31df
SHA256

fd3d9dcf526246915a31c172ecfcf00c599ca3c8401f0a50c0878da861affb88
SHA512

e9a476735f85cfdee4b8527372a462f4969ad765f877d7b65722ad8b59b55a517d6059a50360da9156ba6eacf8cf895d4b5dd82c0b0e3be7f201949495ebd216
SSDEEP

24576:h1OYdaO7CZ/iWCvu/2sWsJA/jlt+DHhs1:h1OsBCpYO/dJJDHhs1

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  fd3d9dcf526246915a31c172ecfcf00c599ca3c8401f0a50c0878da861affb88
- Size
  
  920KB
- MD5
  
  ca3741e0b8d7f8318603a1ac5f3aaa97
- SHA1
  
  ca1e4a22623eb77e1a79c010c86b01bc2ecb31df
- SHA256
  
  fd3d9dcf526246915a31c172ecfcf00c599ca3c8401f0a50c0878da861affb88
- SHA512
  
  e9a476735f85cfdee4b8527372a462f4969ad765f877d7b65722ad8b59b55a517d6059a50360da9156ba6eacf8cf895d4b5dd82c0b0e3be7f201949495ebd216
- SSDEEP
  
  24576:h1OYdaO7CZ/iWCvu/2sWsJA/jlt+DHhs1:h1OsBCpYO/dJJDHhs1
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer