c251d4ed53db8477773728521aa75757bd7b4dc69e03ea731e731dec3206f209 | Triage

Sharing

General

Target

c251d4ed53db8477773728521aa75757bd7b4dc69e03ea731e731dec3206f209
Size

1.2MB
Sample

221124-ye23vsee97
MD5

cb9870fc0ec126b28be2b757ab35f7a0
SHA1

bc7130600c293811be68d950b4097b222383841f
SHA256

c251d4ed53db8477773728521aa75757bd7b4dc69e03ea731e731dec3206f209
SHA512

06787dc6d98d27385a67474d10c29170e6983f3f54e111b36b15bdfa134a526bdb46fddeced0f2f9f937d398d246253de533b3e886fc77ee4010dc81a8d1d221
SSDEEP

24576:fl+Vp8iof9eO4yoDO7bcZEb93BA0/LtmWxn1YMluh:fr974yoC3yE/Ac5mWxnmrh

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  c251d4ed53db8477773728521aa75757bd7b4dc69e03ea731e731dec3206f209
- Size
  
  1.2MB
- MD5
  
  cb9870fc0ec126b28be2b757ab35f7a0
- SHA1
  
  bc7130600c293811be68d950b4097b222383841f
- SHA256
  
  c251d4ed53db8477773728521aa75757bd7b4dc69e03ea731e731dec3206f209
- SHA512
  
  06787dc6d98d27385a67474d10c29170e6983f3f54e111b36b15bdfa134a526bdb46fddeced0f2f9f937d398d246253de533b3e886fc77ee4010dc81a8d1d221
- SSDEEP
  
  24576:fl+Vp8iof9eO4yoDO7bcZEb93BA0/LtmWxn1YMluh:fr974yoC3yE/Ac5mWxnmrh
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2