e2c34d583cae52ff848a1642c88957195f93457b71bc05d5be0dcc2efe28054b | Triage

Sharing

General

Target

e2c34d583cae52ff848a1642c88957195f93457b71bc05d5be0dcc2efe28054b
Size

2.4MB
Sample

221125-hpga5shd45
MD5

f18f4f9ba46cda1207dc02a912dd7813
SHA1

23aef2f72ad28b18005dc0aac4485974c9a6dfd4
SHA256

e2c34d583cae52ff848a1642c88957195f93457b71bc05d5be0dcc2efe28054b
SHA512

4e035e698b4a665417c566257c5c121ecfa8cb6eab3dc0b4d6a142095483e8fe9a6b7a65d35617be84b9a5c14f3695cd552dae0c8724240ec64c953265b745c7
SSDEEP

49152:QNmNbC/AAT0MH1c4BPk0BN76B1pwXT3n9:ryB62Pku0BQ

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  e2c34d583cae52ff848a1642c88957195f93457b71bc05d5be0dcc2efe28054b
- Size
  
  2.4MB
- MD5
  
  f18f4f9ba46cda1207dc02a912dd7813
- SHA1
  
  23aef2f72ad28b18005dc0aac4485974c9a6dfd4
- SHA256
  
  e2c34d583cae52ff848a1642c88957195f93457b71bc05d5be0dcc2efe28054b
- SHA512
  
  4e035e698b4a665417c566257c5c121ecfa8cb6eab3dc0b4d6a142095483e8fe9a6b7a65d35617be84b9a5c14f3695cd552dae0c8724240ec64c953265b745c7
- SSDEEP
  
  49152:QNmNbC/AAT0MH1c4BPk0BN76B1pwXT3n9:ryB62Pku0BQ
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer