0e71df1b933be89f3e7d17aaae75c51d0ae7165e5e9aa18eb9104ad02ff398bf | Triage

Sharing

General

Target

0e71df1b933be89f3e7d17aaae75c51d0ae7165e5e9aa18eb9104ad02ff398bf
Size

2.1MB
Sample

221128-r7cv4sbe48
MD5

38c16af2dc9f2b6b64db3beaef7cc9e4
SHA1

6e2840ef5c90113b75c20e3251560aab30a06b48
SHA256

0e71df1b933be89f3e7d17aaae75c51d0ae7165e5e9aa18eb9104ad02ff398bf
SHA512

97dfcab7e58fc2005fec26d6a104f412c023c0bccaed6a34f8284ff9256a6a8eb6ea496f0ab22db87ffd138fe44e7ff2c8cf12661b5a99faecaeb2fb7ebdfa73
SSDEEP

49152:NzVr5JSYg53XC29FeXW6pBjMkb08EDJ7POOMlbpZ3d5UK3dvPNJl36d3SLAToYso:Pr5gYgywkb0hVIossM2

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  0e71df1b933be89f3e7d17aaae75c51d0ae7165e5e9aa18eb9104ad02ff398bf
- Size
  
  2.1MB
- MD5
  
  38c16af2dc9f2b6b64db3beaef7cc9e4
- SHA1
  
  6e2840ef5c90113b75c20e3251560aab30a06b48
- SHA256
  
  0e71df1b933be89f3e7d17aaae75c51d0ae7165e5e9aa18eb9104ad02ff398bf
- SHA512
  
  97dfcab7e58fc2005fec26d6a104f412c023c0bccaed6a34f8284ff9256a6a8eb6ea496f0ab22db87ffd138fe44e7ff2c8cf12661b5a99faecaeb2fb7ebdfa73
- SSDEEP
  
  49152:NzVr5JSYg53XC29FeXW6pBjMkb08EDJ7POOMlbpZ3d5UK3dvPNJl36d3SLAToYso:Pr5gYgywkb0hVIossM2
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2