ca09550e57423f33085d79613f45663ce71ebe654a3223d3dac5f25d6a315d31 | Triage

Sharing

General

Target

ca09550e57423f33085d79613f45663ce71ebe654a3223d3dac5f25d6a315d31
Size

923KB
Sample

221124-xzfjxsgf7z
MD5

fced897ad9fc93d6c54386c94ec8c9e4
SHA1

9d228828c7d4cbf933d2369a99786646610d52d9
SHA256

ca09550e57423f33085d79613f45663ce71ebe654a3223d3dac5f25d6a315d31
SHA512

0e2513be1e3f5d162ccbaf4c8a472c21a871f6dc99a8e8db09380b20ff1179ca44966c5901eb7b36e8c42f02fb993dedef6b63522dbae408578ef39d772a440b
SSDEEP

24576:h1OYdaOaS/Yq4hD9S9Acd+lMbXYN9MKONgRsAb:h1OsAYYrS9ldCM8N9MoRsAb

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  ca09550e57423f33085d79613f45663ce71ebe654a3223d3dac5f25d6a315d31
- Size
  
  923KB
- MD5
  
  fced897ad9fc93d6c54386c94ec8c9e4
- SHA1
  
  9d228828c7d4cbf933d2369a99786646610d52d9
- SHA256
  
  ca09550e57423f33085d79613f45663ce71ebe654a3223d3dac5f25d6a315d31
- SHA512
  
  0e2513be1e3f5d162ccbaf4c8a472c21a871f6dc99a8e8db09380b20ff1179ca44966c5901eb7b36e8c42f02fb993dedef6b63522dbae408578ef39d772a440b
- SSDEEP
  
  24576:h1OYdaOaS/Yq4hD9S9Acd+lMbXYN9MKONgRsAb:h1OsAYYrS9ldCM8N9MoRsAb
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer