97173fd1058ba5fb03608696b902f2b1f6760c1997aea3b4d094f26af853d05a | Triage

Submit
Reports

Overview

overview

Static

static

97173fd105...5a.exe

windows7-x64

9

97173fd105...5a.exe

windows10-2004-x64

9

Sharing

General

Target

97173fd1058ba5fb03608696b902f2b1f6760c1997aea3b4d094f26af853d05a
Size

328KB
Sample

221128-k761magc5s
MD5

35dea2e57deb4db483e956752b5c2d85
SHA1

6642f5f041057a6092c71275ffaa1976a5158700
SHA256

97173fd1058ba5fb03608696b902f2b1f6760c1997aea3b4d094f26af853d05a
SHA512

10d761eed6a4debdc1b1dd9c9c1892481d81ddd9216206a1c2d3d8e4b1325d63ca9796e6fd323ef89eb3d1b47997e2fc5839c756b16107c973881c5d9915fa49
SSDEEP

6144:YsuBSE+VDpJYWmlwnx9u6BMf0Cv3g6dg9wx/KjigwBa:TGSE+VF9mOx9ukEv3g6dFx/KjYa

Score

10^/10

collection spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

97173fd1058ba5fb03608696b902f2b1f6760c1997aea3b4d094f26af853d05a.exe

Resource

win7-20221111-en

collection spyware stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

97173fd1058ba5fb03608696b902f2b1f6760c1997aea3b4d094f26af853d05a.exe

Resource

win10v2004-20220901-en

collection spyware stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  97173fd1058ba5fb03608696b902f2b1f6760c1997aea3b4d094f26af853d05a
- Size
  
  328KB
- MD5
  
  35dea2e57deb4db483e956752b5c2d85
- SHA1
  
  6642f5f041057a6092c71275ffaa1976a5158700
- SHA256
  
  97173fd1058ba5fb03608696b902f2b1f6760c1997aea3b4d094f26af853d05a
- SHA512
  
  10d761eed6a4debdc1b1dd9c9c1892481d81ddd9216206a1c2d3d8e4b1325d63ca9796e6fd323ef89eb3d1b47997e2fc5839c756b16107c973881c5d9915fa49
- SSDEEP
  
  6144:YsuBSE+VDpJYWmlwnx9u6BMf0Cv3g6dg9wx/KjigwBa:TGSE+VF9mOx9ukEv3g6dFx/KjYa
Score

9^/10

collection spyware stealer
- NirSoft MailPassView
  Password recovery tool for various email clients
- Nirsoft
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook accounts
  collection
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

collectionspywarestealer

behavioral2

collectionspywarestealer

© 2018-2024

Terms | Privacy