1aedad7bfbe766fd2e3c5636899448de767b72bf3e2c00f1ce50147e7b599993 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1aedad7bfbe766fd2e3c5636899448de767b72bf3e2c00f1ce50147e7b599993
Size

7.4MB
Sample

221127-ajnt2afa66
MD5

0cabb5eedb9efff590fe336094b2b26c
SHA1

164b8ba96df2b58b272c33fd5442edd61d9eb18a
SHA256

1aedad7bfbe766fd2e3c5636899448de767b72bf3e2c00f1ce50147e7b599993
SHA512

84aad77ec89cd511806a144e5eae0ee691a96304eeb970ddda247f711624a37d406976c4612090ae13ccb214b36b445af40584b31584d968930351510d1bda41
SSDEEP

196608:WmYElgrBB7RqmHCWejrpVrL2tY7gPMYPVsHxD6V:JYUgzAmHLwlxL8YIp06V

Score

9^/10

spyware stealer

Malware Config

Targets

- Target
  
  1aedad7bfbe766fd2e3c5636899448de767b72bf3e2c00f1ce50147e7b599993
- Size
  
  7.4MB
- MD5
  
  0cabb5eedb9efff590fe336094b2b26c
- SHA1
  
  164b8ba96df2b58b272c33fd5442edd61d9eb18a
- SHA256
  
  1aedad7bfbe766fd2e3c5636899448de767b72bf3e2c00f1ce50147e7b599993
- SHA512
  
  84aad77ec89cd511806a144e5eae0ee691a96304eeb970ddda247f711624a37d406976c4612090ae13ccb214b36b445af40584b31584d968930351510d1bda41
- SSDEEP
  
  196608:WmYElgrBB7RqmHCWejrpVrL2tY7gPMYPVsHxD6V:JYUgzAmHLwlxL8YIp06V
Score

9^/10

spyware stealer
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2