2e147140e2ed3c966dd121a2b1d8fe56bffd06c478a63a8b994a707e4fad6d6c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e147140e2ed3c966dd121a2b1d8fe56bffd06c478a63a8b994a707e4fad6d6c
Size

778KB
Sample

221125-2bf8rsbc67
MD5

9ad01f5b8ca1d4f88f10b2dfc42cd8b8
SHA1

a12740157e8582973eeb1724834eaeb2f02d3528
SHA256

2e147140e2ed3c966dd121a2b1d8fe56bffd06c478a63a8b994a707e4fad6d6c
SHA512

91031f0694eca538f94c09256df877c67a94b34f4ac3c9c14b00a4ae1dc8414f03a72e9cdfb07c39e09d5a97d020e193412f084ad6f6830a3ef6ea7206f67fc9
SSDEEP

24576:h1OYdaOhwkBM0MlnPTdF7/c4TTLWEuhMD:h1OsrM1PrQiLDuiD

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  2e147140e2ed3c966dd121a2b1d8fe56bffd06c478a63a8b994a707e4fad6d6c
- Size
  
  778KB
- MD5
  
  9ad01f5b8ca1d4f88f10b2dfc42cd8b8
- SHA1
  
  a12740157e8582973eeb1724834eaeb2f02d3528
- SHA256
  
  2e147140e2ed3c966dd121a2b1d8fe56bffd06c478a63a8b994a707e4fad6d6c
- SHA512
  
  91031f0694eca538f94c09256df877c67a94b34f4ac3c9c14b00a4ae1dc8414f03a72e9cdfb07c39e09d5a97d020e193412f084ad6f6830a3ef6ea7206f67fc9
- SSDEEP
  
  24576:h1OYdaOhwkBM0MlnPTdF7/c4TTLWEuhMD:h1OsrM1PrQiLDuiD
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer