c9ddda84ead5dd3a56395bb1921a939bf5ca3fa0bd11615e482d756251ed34ab | Triage

Sharing

General

Target

c9ddda84ead5dd3a56395bb1921a939bf5ca3fa0bd11615e482d756251ed34ab
Size

929KB
Sample

221124-xzwk5sdf38
MD5

966e4f5d7d080a5dfb55f7157630fd50
SHA1

9e78b7099102e814336893eb0ed92c8fa374bf75
SHA256

c9ddda84ead5dd3a56395bb1921a939bf5ca3fa0bd11615e482d756251ed34ab
SHA512

233bc5c1f6f20bed86adcd389a35924650a65745d9448be84efafb6cdadb555b65838ec160e4148c3a67792b8756da849556c1f12c287b93f211310b8d05dee5
SSDEEP

24576:h1OYdaObjFsFHonBxOOO6fmR+ikkY2Es1JpG:h1OspjFsF6BIZ6OR+zs1JpG

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  c9ddda84ead5dd3a56395bb1921a939bf5ca3fa0bd11615e482d756251ed34ab
- Size
  
  929KB
- MD5
  
  966e4f5d7d080a5dfb55f7157630fd50
- SHA1
  
  9e78b7099102e814336893eb0ed92c8fa374bf75
- SHA256
  
  c9ddda84ead5dd3a56395bb1921a939bf5ca3fa0bd11615e482d756251ed34ab
- SHA512
  
  233bc5c1f6f20bed86adcd389a35924650a65745d9448be84efafb6cdadb555b65838ec160e4148c3a67792b8756da849556c1f12c287b93f211310b8d05dee5
- SSDEEP
  
  24576:h1OYdaObjFsFHonBxOOO6fmR+ikkY2Es1JpG:h1OspjFsF6BIZ6OR+zs1JpG
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2