c8e645db150b54986f4c776a204a49296f931d4f83cdb4e63cb2fa155c4ff521 | Triage

Sharing

General

Target

c8e645db150b54986f4c776a204a49296f931d4f83cdb4e63cb2fa155c4ff521
Size

919KB
Sample

221124-x3cx7sdg68
MD5

cc93377a800610ee4ee6446009108891
SHA1

0a542e8834f2d7b597b66328586be38a29cd95cb
SHA256

c8e645db150b54986f4c776a204a49296f931d4f83cdb4e63cb2fa155c4ff521
SHA512

c3134206fb1b74df477e3c2dcec51b2080645d38afe784656c5e5fbd8303e2d76dd8c89ece3a5a536e8c169d9079018f76ac95fa25e2a5b9e5fa58a260b2f154
SSDEEP

24576:h1OYdaOhMtdHAqcdDVhYwiei7+EpFAh/kKm:h1Os8PHVmVhYwiLtKkKm

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  c8e645db150b54986f4c776a204a49296f931d4f83cdb4e63cb2fa155c4ff521
- Size
  
  919KB
- MD5
  
  cc93377a800610ee4ee6446009108891
- SHA1
  
  0a542e8834f2d7b597b66328586be38a29cd95cb
- SHA256
  
  c8e645db150b54986f4c776a204a49296f931d4f83cdb4e63cb2fa155c4ff521
- SHA512
  
  c3134206fb1b74df477e3c2dcec51b2080645d38afe784656c5e5fbd8303e2d76dd8c89ece3a5a536e8c169d9079018f76ac95fa25e2a5b9e5fa58a260b2f154
- SSDEEP
  
  24576:h1OYdaOhMtdHAqcdDVhYwiei7+EpFAh/kKm:h1Os8PHVmVhYwiLtKkKm
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer