078687ab18a3bcb2b0e0fd5b0572e766eb434798b8f191d01d0a9fcc089ea0cd | Triage

Sharing

General

Target

078687ab18a3bcb2b0e0fd5b0572e766eb434798b8f191d01d0a9fcc089ea0cd
Size

1.7MB
Sample

221128-r7zd4sbe68
MD5

a56d9058063584890ff067af4eaae0e3
SHA1

4899644dd5697d682c5bdf1874d27d401c0a1ff9
SHA256

078687ab18a3bcb2b0e0fd5b0572e766eb434798b8f191d01d0a9fcc089ea0cd
SHA512

c55f310a180c442037a046a8f682a8041d527e2aff6d18c0813489f658eaacf820d0c35142906ad2990c93d7e3ef0b08c46cf869dffb6b79a7d52dbc70461a4f
SSDEEP

49152:hnqmARra0Ee/k/PlvOsXNAmpZ3d5UK3dvPNJl36d3SLANOossJXo:rRFnossJo

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  078687ab18a3bcb2b0e0fd5b0572e766eb434798b8f191d01d0a9fcc089ea0cd
- Size
  
  1.7MB
- MD5
  
  a56d9058063584890ff067af4eaae0e3
- SHA1
  
  4899644dd5697d682c5bdf1874d27d401c0a1ff9
- SHA256
  
  078687ab18a3bcb2b0e0fd5b0572e766eb434798b8f191d01d0a9fcc089ea0cd
- SHA512
  
  c55f310a180c442037a046a8f682a8041d527e2aff6d18c0813489f658eaacf820d0c35142906ad2990c93d7e3ef0b08c46cf869dffb6b79a7d52dbc70461a4f
- SSDEEP
  
  49152:hnqmARra0Ee/k/PlvOsXNAmpZ3d5UK3dvPNJl36d3SLANOossJXo:rRFnossJo
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2