c5dbfb242981388e92d4f4d4aa806337831d6c887f095fbbf37aeebe007bc5d1 | Triage

Sharing

General

Target

c5dbfb242981388e92d4f4d4aa806337831d6c887f095fbbf37aeebe007bc5d1
Size

920KB
Sample

221124-x8mdtseb49
MD5

7a9db3c3e75d7175f4bdd17a1ce74b88
SHA1

53d7bed802876514da0ea3406454cc2baab71f98
SHA256

c5dbfb242981388e92d4f4d4aa806337831d6c887f095fbbf37aeebe007bc5d1
SHA512

eb2922970ab12819bddd6c02292a55fbd8579f355287b733abfe911b212b6fa4b55c4763077ece5b42c5e21d8a6a07a7b9492f9c2ba8175e863ddcf9bfa4851c
SSDEEP

24576:h1OYdaOmCZ/iWCvu/2sWsJA/jlt+DHhsA:h1OsoCpYO/dJJDHhsA

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  c5dbfb242981388e92d4f4d4aa806337831d6c887f095fbbf37aeebe007bc5d1
- Size
  
  920KB
- MD5
  
  7a9db3c3e75d7175f4bdd17a1ce74b88
- SHA1
  
  53d7bed802876514da0ea3406454cc2baab71f98
- SHA256
  
  c5dbfb242981388e92d4f4d4aa806337831d6c887f095fbbf37aeebe007bc5d1
- SHA512
  
  eb2922970ab12819bddd6c02292a55fbd8579f355287b733abfe911b212b6fa4b55c4763077ece5b42c5e21d8a6a07a7b9492f9c2ba8175e863ddcf9bfa4851c
- SSDEEP
  
  24576:h1OYdaOmCZ/iWCvu/2sWsJA/jlt+DHhsA:h1OsoCpYO/dJJDHhsA
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer