d8e62e8cc2bda83cc526967280b0f2bf54e201d01bf04d3c5fdde7d30336b36b | Triage

Sharing

General

Target

d8e62e8cc2bda83cc526967280b0f2bf54e201d01bf04d3c5fdde7d30336b36b
Size

1.7MB
Sample

221128-rvyxtaef4y
MD5

c5e8b05bc755887d5e4089d3312448b7
SHA1

30a92564ea57ec39013bc16d77f378b91e77c313
SHA256

d8e62e8cc2bda83cc526967280b0f2bf54e201d01bf04d3c5fdde7d30336b36b
SHA512

d3169e8c04fb2316dbd8fa57a056bc76f5bda9ba3f8708504c1c51a5a8977c2f95cb7024b3fc2c25694d5b72ac5758edd35f99fe2ef1535f7505e59994dfae82
SSDEEP

49152:6nqmARra0Ee/k/PlvOsXNAmpZ3d5UK3dvPNJl36d3SLANOossJBD:QRFnossXD

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  d8e62e8cc2bda83cc526967280b0f2bf54e201d01bf04d3c5fdde7d30336b36b
- Size
  
  1.7MB
- MD5
  
  c5e8b05bc755887d5e4089d3312448b7
- SHA1
  
  30a92564ea57ec39013bc16d77f378b91e77c313
- SHA256
  
  d8e62e8cc2bda83cc526967280b0f2bf54e201d01bf04d3c5fdde7d30336b36b
- SHA512
  
  d3169e8c04fb2316dbd8fa57a056bc76f5bda9ba3f8708504c1c51a5a8977c2f95cb7024b3fc2c25694d5b72ac5758edd35f99fe2ef1535f7505e59994dfae82
- SSDEEP
  
  49152:6nqmARra0Ee/k/PlvOsXNAmpZ3d5UK3dvPNJl36d3SLANOossJBD:QRFnossXD
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2