fcc049812462eb7b424b478a4f7525aacdef8b4b91ccecf2af6bf9fdd9fe5c61 | Triage

Sharing

General

Target

fcc049812462eb7b424b478a4f7525aacdef8b4b91ccecf2af6bf9fdd9fe5c61
Size

931KB
Sample

221124-tz8nxsae71
MD5

bc3dab6c698df9597819c6d7babbf75c
SHA1

3b6794b01a1f138b0ffacb5024c52e308e9b496c
SHA256

fcc049812462eb7b424b478a4f7525aacdef8b4b91ccecf2af6bf9fdd9fe5c61
SHA512

28eda6d4adf79dde1b2e05416f7a283e53b7f9941f3cfa74877d1acaac2c0f4609879bb0b80eb55d005421e9d1fe74252459c7d41da0861bda6e1f6639794282
SSDEEP

24576:h1OYdaOuCZ/iWCvu/2sWsJA/jlt+DHhsd:h1OsUCpYO/dJJDHhsd

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  fcc049812462eb7b424b478a4f7525aacdef8b4b91ccecf2af6bf9fdd9fe5c61
- Size
  
  931KB
- MD5
  
  bc3dab6c698df9597819c6d7babbf75c
- SHA1
  
  3b6794b01a1f138b0ffacb5024c52e308e9b496c
- SHA256
  
  fcc049812462eb7b424b478a4f7525aacdef8b4b91ccecf2af6bf9fdd9fe5c61
- SHA512
  
  28eda6d4adf79dde1b2e05416f7a283e53b7f9941f3cfa74877d1acaac2c0f4609879bb0b80eb55d005421e9d1fe74252459c7d41da0861bda6e1f6639794282
- SSDEEP
  
  24576:h1OYdaOuCZ/iWCvu/2sWsJA/jlt+DHhsd:h1OsUCpYO/dJJDHhsd
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer