c89fc9d399d3fd6a1545889d60d5f9e8bf6256e987543c33b289667743629beb | Triage

Sharing

General

Target

c89fc9d399d3fd6a1545889d60d5f9e8bf6256e987543c33b289667743629beb
Size

920KB
Sample

221124-x3zf7sgh7s
MD5

c3fbe29774e469fda56fb906b80c9de6
SHA1

f2fee4b8b80c9252c25766e7ffaf302b7d183279
SHA256

c89fc9d399d3fd6a1545889d60d5f9e8bf6256e987543c33b289667743629beb
SHA512

398b19236503ce208c590d87e5bd58b59eed7d1644b7cf4b9567c2645930f830086296c0683d27d67c833663fff97050a160bd66f4dc3643768b36c64927b58e
SSDEEP

24576:h1OYdaOKMtdHAqcdDVhYwiei7+EpFAh/kKZ:h1Os7PHVmVhYwiLtKkKZ

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  c89fc9d399d3fd6a1545889d60d5f9e8bf6256e987543c33b289667743629beb
- Size
  
  920KB
- MD5
  
  c3fbe29774e469fda56fb906b80c9de6
- SHA1
  
  f2fee4b8b80c9252c25766e7ffaf302b7d183279
- SHA256
  
  c89fc9d399d3fd6a1545889d60d5f9e8bf6256e987543c33b289667743629beb
- SHA512
  
  398b19236503ce208c590d87e5bd58b59eed7d1644b7cf4b9567c2645930f830086296c0683d27d67c833663fff97050a160bd66f4dc3643768b36c64927b58e
- SSDEEP
  
  24576:h1OYdaOKMtdHAqcdDVhYwiei7+EpFAh/kKZ:h1Os7PHVmVhYwiLtKkKZ
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer