c62edd64f440d4b47ab7b4ce87210b44c8215698dc022f67349eab794dcaaf92 | Triage

Sharing

General

Target

c62edd64f440d4b47ab7b4ce87210b44c8215698dc022f67349eab794dcaaf92
Size

919KB
Sample

221124-x78wfaeb33
MD5

b3f77bba418e3153a2a5c23fdef2b5d5
SHA1

96ee23ee908e7a80819cbf80a24e7615fffb055a
SHA256

c62edd64f440d4b47ab7b4ce87210b44c8215698dc022f67349eab794dcaaf92
SHA512

a5e64e04f90107e7e0f456df92750ce854c3a882cad2cd4ca129fa2b045961606a53b7e7fb1a595f96a8e038b858a893a50989d33b66eba201c0d29fa1b3d722
SSDEEP

24576:h1OYdaOKMtdHAqcdDVhYwiei7+EpFAh/kKx:h1OsPPHVmVhYwiLtKkKx

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  c62edd64f440d4b47ab7b4ce87210b44c8215698dc022f67349eab794dcaaf92
- Size
  
  919KB
- MD5
  
  b3f77bba418e3153a2a5c23fdef2b5d5
- SHA1
  
  96ee23ee908e7a80819cbf80a24e7615fffb055a
- SHA256
  
  c62edd64f440d4b47ab7b4ce87210b44c8215698dc022f67349eab794dcaaf92
- SHA512
  
  a5e64e04f90107e7e0f456df92750ce854c3a882cad2cd4ca129fa2b045961606a53b7e7fb1a595f96a8e038b858a893a50989d33b66eba201c0d29fa1b3d722
- SSDEEP
  
  24576:h1OYdaOKMtdHAqcdDVhYwiei7+EpFAh/kKx:h1OsPPHVmVhYwiLtKkKx
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer