152e20e7fdb468b62495f1db262ceff415af21b6792d78df6c9f4326ca7af21d | Triage

Sharing

General

Target

152e20e7fdb468b62495f1db262ceff415af21b6792d78df6c9f4326ca7af21d
Size

556KB
Sample

221127-dc1f2adh59
MD5

f227ccce672b641e25a73a6a255eb1fc
SHA1

bb503fdb23414e91d77b265443c30c0c1e995edd
SHA256

152e20e7fdb468b62495f1db262ceff415af21b6792d78df6c9f4326ca7af21d
SHA512

8d55eedc7d7a58ce9c2f27a355b94e2522596adcb37a29b79806b6a79f48f1771ad8e3106fe8e222c91a315170bb4d692040ddcfb1c053da7798ba9cbce4bee9
SSDEEP

12288:KIk5ae9qWpaHSKZBLej9r1fIOID0m5HKNw2tCklqpvPY:Zk5ae18SK/C1fXm5T2tCk8Bw

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  152e20e7fdb468b62495f1db262ceff415af21b6792d78df6c9f4326ca7af21d
- Size
  
  556KB
- MD5
  
  f227ccce672b641e25a73a6a255eb1fc
- SHA1
  
  bb503fdb23414e91d77b265443c30c0c1e995edd
- SHA256
  
  152e20e7fdb468b62495f1db262ceff415af21b6792d78df6c9f4326ca7af21d
- SHA512
  
  8d55eedc7d7a58ce9c2f27a355b94e2522596adcb37a29b79806b6a79f48f1771ad8e3106fe8e222c91a315170bb4d692040ddcfb1c053da7798ba9cbce4bee9
- SSDEEP
  
  12288:KIk5ae9qWpaHSKZBLej9r1fIOID0m5HKNw2tCklqpvPY:Zk5ae18SK/C1fXm5T2tCk8Bw
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2