52d801d1458a2d35579848fa6b5458d936433634da6fd427d4557f61cc63bc72 | Triage

Sharing

General

Target

52d801d1458a2d35579848fa6b5458d936433634da6fd427d4557f61cc63bc72
Size

920KB
Sample

221125-bxyf3afd8y
MD5

cd60ca5be701eb94b9a6b2397c7fd292
SHA1

d784326a97251248b27e06480e1683fa8b19d2d7
SHA256

52d801d1458a2d35579848fa6b5458d936433634da6fd427d4557f61cc63bc72
SHA512

c2ba6adf6211a803e90a2fe3a4442185b9b0d479687c40da00ec97d99f7a2f20e8909f7d9e26e8559c814da09211d6c5ba8d7f37f111c0d74bdbf38e82b40979
SSDEEP

24576:h1OYdaOVCZ/iWCvu/2sWsJA/jlt+DHhsc:h1OsDCpYO/dJJDHhsc

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  52d801d1458a2d35579848fa6b5458d936433634da6fd427d4557f61cc63bc72
- Size
  
  920KB
- MD5
  
  cd60ca5be701eb94b9a6b2397c7fd292
- SHA1
  
  d784326a97251248b27e06480e1683fa8b19d2d7
- SHA256
  
  52d801d1458a2d35579848fa6b5458d936433634da6fd427d4557f61cc63bc72
- SHA512
  
  c2ba6adf6211a803e90a2fe3a4442185b9b0d479687c40da00ec97d99f7a2f20e8909f7d9e26e8559c814da09211d6c5ba8d7f37f111c0d74bdbf38e82b40979
- SSDEEP
  
  24576:h1OYdaOVCZ/iWCvu/2sWsJA/jlt+DHhsc:h1OsDCpYO/dJJDHhsc
Score

8^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer