df8b9bb07f833a9ed69dd9b8e0ebb639585d0eb64adc0564cca0189386296ad5 | Triage

Sharing

General

Target

df8b9bb07f833a9ed69dd9b8e0ebb639585d0eb64adc0564cca0189386296ad5
Size

4.3MB
Sample

221127-az4v7agb83
MD5

e0a7137adbbce80b12f2b9611fa6f472
SHA1

c52b8b9478119ec8a941922b1529693f5f77fb24
SHA256

df8b9bb07f833a9ed69dd9b8e0ebb639585d0eb64adc0564cca0189386296ad5
SHA512

f64e6c7ca391e981e049173070f1539ee7caefae638ecc23136a1e34900f9267a77e477249edd445f8b4d91a91d428b07096e404da77769e97783f44466b5908
SSDEEP

98304:1Xxc//////28cScCGW76TmJqSkDMHQMT24YLzrd6k:ZSc/W76TmHkYlTqF6k

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  df8b9bb07f833a9ed69dd9b8e0ebb639585d0eb64adc0564cca0189386296ad5
- Size
  
  4.3MB
- MD5
  
  e0a7137adbbce80b12f2b9611fa6f472
- SHA1
  
  c52b8b9478119ec8a941922b1529693f5f77fb24
- SHA256
  
  df8b9bb07f833a9ed69dd9b8e0ebb639585d0eb64adc0564cca0189386296ad5
- SHA512
  
  f64e6c7ca391e981e049173070f1539ee7caefae638ecc23136a1e34900f9267a77e477249edd445f8b4d91a91d428b07096e404da77769e97783f44466b5908
- SSDEEP
  
  98304:1Xxc//////28cScCGW76TmJqSkDMHQMT24YLzrd6k:ZSc/W76TmHkYlTqF6k
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2