cabd7c226710d1872f11745f6a05a7fd0f2454e243224b5f11e7ff0c04fe4767 | Triage

Sharing

General

Target

cabd7c226710d1872f11745f6a05a7fd0f2454e243224b5f11e7ff0c04fe4767
Size

920KB
Sample

221124-xx377sde42
MD5

02088676e247e5cbec747532d2b93e2c
SHA1

f994981a92d660e51d9ade7c77ef7811b374c95f
SHA256

cabd7c226710d1872f11745f6a05a7fd0f2454e243224b5f11e7ff0c04fe4767
SHA512

554b1760104e96fb19b4638d9baac31637ca0d635426c7c119a8348f15deca0160e19aaa113f5a6562d59b444b9da15567204f8486729d3c18784fa15aa86220
SSDEEP

24576:h1OYdaOn5MtdHAqcdDVhYwiei7+EpFAh/kKP:h1OstKPHVmVhYwiLtKkKP

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  cabd7c226710d1872f11745f6a05a7fd0f2454e243224b5f11e7ff0c04fe4767
- Size
  
  920KB
- MD5
  
  02088676e247e5cbec747532d2b93e2c
- SHA1
  
  f994981a92d660e51d9ade7c77ef7811b374c95f
- SHA256
  
  cabd7c226710d1872f11745f6a05a7fd0f2454e243224b5f11e7ff0c04fe4767
- SHA512
  
  554b1760104e96fb19b4638d9baac31637ca0d635426c7c119a8348f15deca0160e19aaa113f5a6562d59b444b9da15567204f8486729d3c18784fa15aa86220
- SSDEEP
  
  24576:h1OYdaOn5MtdHAqcdDVhYwiei7+EpFAh/kKP:h1OstKPHVmVhYwiLtKkKP
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer