ce565eaed0a4ace93eda3ab3745d96e0bab7ac3978533fa4aafb5fdf3b577ce1 | Triage

Sharing

General

Target

ce565eaed0a4ace93eda3ab3745d96e0bab7ac3978533fa4aafb5fdf3b577ce1
Size

920KB
Sample

221124-xqew2ada59
MD5

bced5de26f11d20037e45c540017623b
SHA1

69ec70b0fbdb844215a77cb791f01907a95b42b8
SHA256

ce565eaed0a4ace93eda3ab3745d96e0bab7ac3978533fa4aafb5fdf3b577ce1
SHA512

815d7200ab971fec7a0270fd004bf84fc28a60406c26ae65d72edcc241f9e8586be11ded310c3647e0320713854a237ee48bb2810d91a59cf77e8774fe9dea78
SSDEEP

24576:h1OYdaOXCZ/iWCvu/2sWsJA/jlt+DHhso:h1OsdCpYO/dJJDHhso

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  ce565eaed0a4ace93eda3ab3745d96e0bab7ac3978533fa4aafb5fdf3b577ce1
- Size
  
  920KB
- MD5
  
  bced5de26f11d20037e45c540017623b
- SHA1
  
  69ec70b0fbdb844215a77cb791f01907a95b42b8
- SHA256
  
  ce565eaed0a4ace93eda3ab3745d96e0bab7ac3978533fa4aafb5fdf3b577ce1
- SHA512
  
  815d7200ab971fec7a0270fd004bf84fc28a60406c26ae65d72edcc241f9e8586be11ded310c3647e0320713854a237ee48bb2810d91a59cf77e8774fe9dea78
- SSDEEP
  
  24576:h1OYdaOXCZ/iWCvu/2sWsJA/jlt+DHhso:h1OsdCpYO/dJJDHhso
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer