c2d60774697d5595efd5884cd43688650980265cf57b3422f7414360d8d01db8 | Triage

Sharing

General

Target

c2d60774697d5595efd5884cd43688650980265cf57b3422f7414360d8d01db8
Size

919KB
Sample

221124-yd923see59
MD5

0c7561c16e0b4cac52cda41d92562f8a
SHA1

da7e215a5d6c6ae05ffdc04fc9bf4e802d236424
SHA256

c2d60774697d5595efd5884cd43688650980265cf57b3422f7414360d8d01db8
SHA512

a2093a6ec59675a9209436e4f1b221cc6ce950650794f2a8256e52b09831e45a85c5f89a8784d3e5588f09a3c83a08e656159f792a39c3768d88455b7e0b53f7
SSDEEP

24576:h1OYdaOBMtdHAqcdDVhYwiei7+EpFAh/kKP:h1OsYPHVmVhYwiLtKkKP

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  c2d60774697d5595efd5884cd43688650980265cf57b3422f7414360d8d01db8
- Size
  
  919KB
- MD5
  
  0c7561c16e0b4cac52cda41d92562f8a
- SHA1
  
  da7e215a5d6c6ae05ffdc04fc9bf4e802d236424
- SHA256
  
  c2d60774697d5595efd5884cd43688650980265cf57b3422f7414360d8d01db8
- SHA512
  
  a2093a6ec59675a9209436e4f1b221cc6ce950650794f2a8256e52b09831e45a85c5f89a8784d3e5588f09a3c83a08e656159f792a39c3768d88455b7e0b53f7
- SSDEEP
  
  24576:h1OYdaOBMtdHAqcdDVhYwiei7+EpFAh/kKP:h1OsYPHVmVhYwiLtKkKP
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer