a926a9726b166581783739e10ce75b6c702fdfb340356b1107c8c80208f2662d | Triage

Sharing

General

Target

a926a9726b166581783739e10ce75b6c702fdfb340356b1107c8c80208f2662d
Size

920KB
Sample

221124-zwgzpahg99
MD5

821c55c7a9b50d984dd7720e0f1a7a71
SHA1

7741343a1c5f16889e5598fb898b152ef99bda50
SHA256

a926a9726b166581783739e10ce75b6c702fdfb340356b1107c8c80208f2662d
SHA512

d7eee9f4c5b5c9862c77371ceeeeb76926d9c02a33d872d9409aa45de8d54a640770d20b444fc74896d4a725442b54876a9773f848eece53f9482a45ceb6976f
SSDEEP

24576:h1OYdaO4MtdHAqcdDVhYwiei7+EpFAh/kKP:h1OsZPHVmVhYwiLtKkKP

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  a926a9726b166581783739e10ce75b6c702fdfb340356b1107c8c80208f2662d
- Size
  
  920KB
- MD5
  
  821c55c7a9b50d984dd7720e0f1a7a71
- SHA1
  
  7741343a1c5f16889e5598fb898b152ef99bda50
- SHA256
  
  a926a9726b166581783739e10ce75b6c702fdfb340356b1107c8c80208f2662d
- SHA512
  
  d7eee9f4c5b5c9862c77371ceeeeb76926d9c02a33d872d9409aa45de8d54a640770d20b444fc74896d4a725442b54876a9773f848eece53f9482a45ceb6976f
- SSDEEP
  
  24576:h1OYdaO4MtdHAqcdDVhYwiei7+EpFAh/kKP:h1OsZPHVmVhYwiLtKkKP
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer