Overview

overview

8

Static

static

c30524b5b3...c0.exe

windows7-x64

8

c30524b5b3...c0.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c30524b5b36c5df5f174d33ec8a8f1f9359f1488c1afd96258a853b60555b6c0

  • Size

    2.5MB

  • Sample

    221124-yd3m1aee53

  • MD5

    36b4028859ecb8923fe498c55b1a9180

  • SHA1

    bf331496d8b4a2896e832667e4ce91fda70a3123

  • SHA256

    c30524b5b36c5df5f174d33ec8a8f1f9359f1488c1afd96258a853b60555b6c0

  • SHA512

    0a0c1589127a0ecc916e633a437d0fa4a3c7a289eb546774852d5a198b535d7f58322289a07ad402c6706c85991386b3be0864409a0f8e2f975c81853dd2f4e4

  • SSDEEP

    49152:h1OsOAQ+1ho2H8swSCCwwFB9nfFVDRBTY/3X5wRLCr56JK8x+:h1OMQzVCwJ/3CRLCrY8J

Score
8/10
spywarestealer

Malware Config

Targets

    • Target

      c30524b5b36c5df5f174d33ec8a8f1f9359f1488c1afd96258a853b60555b6c0

    • Size

      2.5MB

    • MD5

      36b4028859ecb8923fe498c55b1a9180

    • SHA1

      bf331496d8b4a2896e832667e4ce91fda70a3123

    • SHA256

      c30524b5b36c5df5f174d33ec8a8f1f9359f1488c1afd96258a853b60555b6c0

    • SHA512

      0a0c1589127a0ecc916e633a437d0fa4a3c7a289eb546774852d5a198b535d7f58322289a07ad402c6706c85991386b3be0864409a0f8e2f975c81853dd2f4e4

    • SSDEEP

      49152:h1OsOAQ+1ho2H8swSCCwwFB9nfFVDRBTY/3X5wRLCr56JK8x+:h1OMQzVCwJ/3CRLCrY8J

    Score
    8/10
    spywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops Chrome extension

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks