c039e42c95c494dc3c792ec9fb622b2658e33ba66095dd14310fe832c096143a | Triage

Sharing

General

Target

c039e42c95c494dc3c792ec9fb622b2658e33ba66095dd14310fe832c096143a
Size

919KB
Sample

221124-yjzhjaeh27
MD5

d47d3ea1afdc79abf837b65e56f33073
SHA1

30807033cd7c82b9ccff6aae03f69bbf948fbe5f
SHA256

c039e42c95c494dc3c792ec9fb622b2658e33ba66095dd14310fe832c096143a
SHA512

125c235e7a4d7d1674132cf234cc46ba19ec827c39bccd88a13d2045000af7e2d3203f2a8e0faf218f261e75a43d225ba22774cc9d53aec489e267852182ebde
SSDEEP

24576:h1OYdaOyMtdHAqcdDVhYwiei7+EpFAh/kKU:h1OsXPHVmVhYwiLtKkKU

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  c039e42c95c494dc3c792ec9fb622b2658e33ba66095dd14310fe832c096143a
- Size
  
  919KB
- MD5
  
  d47d3ea1afdc79abf837b65e56f33073
- SHA1
  
  30807033cd7c82b9ccff6aae03f69bbf948fbe5f
- SHA256
  
  c039e42c95c494dc3c792ec9fb622b2658e33ba66095dd14310fe832c096143a
- SHA512
  
  125c235e7a4d7d1674132cf234cc46ba19ec827c39bccd88a13d2045000af7e2d3203f2a8e0faf218f261e75a43d225ba22774cc9d53aec489e267852182ebde
- SSDEEP
  
  24576:h1OYdaOyMtdHAqcdDVhYwiei7+EpFAh/kKU:h1OsXPHVmVhYwiLtKkKU
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer