c7f02353a433832b03b2c1d5442776f7a989b61fbb6d1999c2c9032b72a77344 | Triage

Sharing

General

Target

c7f02353a433832b03b2c1d5442776f7a989b61fbb6d1999c2c9032b72a77344
Size

924KB
Sample

221124-x4yajadh65
MD5

59c2fb7ae369ab11071d32af4fe7918e
SHA1

7b7f4618121465c3332b675f99dbae2545c4aff2
SHA256

c7f02353a433832b03b2c1d5442776f7a989b61fbb6d1999c2c9032b72a77344
SHA512

1e23fc552739ce4402c064b7b6451ebe2d2ec25e4a83bb828013f4b88202d148140ddb037e502aa6c0cc2e56b9d6cea60585e9b5f5e36ced6b21f9d66f31805c
SSDEEP

24576:h1OYdaOZpi3TiqRomivrVhjlLZzpHAzSpkGk8t8Fp:h1Os3GX0rN1lHAKkZ8t8Fp

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  c7f02353a433832b03b2c1d5442776f7a989b61fbb6d1999c2c9032b72a77344
- Size
  
  924KB
- MD5
  
  59c2fb7ae369ab11071d32af4fe7918e
- SHA1
  
  7b7f4618121465c3332b675f99dbae2545c4aff2
- SHA256
  
  c7f02353a433832b03b2c1d5442776f7a989b61fbb6d1999c2c9032b72a77344
- SHA512
  
  1e23fc552739ce4402c064b7b6451ebe2d2ec25e4a83bb828013f4b88202d148140ddb037e502aa6c0cc2e56b9d6cea60585e9b5f5e36ced6b21f9d66f31805c
- SSDEEP
  
  24576:h1OYdaOZpi3TiqRomivrVhjlLZzpHAzSpkGk8t8Fp:h1Os3GX0rN1lHAKkZ8t8Fp
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2