b6037aa86f7a852ec21a7a0c8ad84eb0b8e8fc9026131f18989bb8626b658456 | Triage

Sharing

General

Target

b6037aa86f7a852ec21a7a0c8ad84eb0b8e8fc9026131f18989bb8626b658456
Size

1.7MB
Sample

221128-rx86kaeg7y
MD5

a6325a0e9e8d46d9543ee598cdfbf28b
SHA1

185999e8b5ff0f19ead4b7239444e2f09441c7ec
SHA256

b6037aa86f7a852ec21a7a0c8ad84eb0b8e8fc9026131f18989bb8626b658456
SHA512

0fc0e160a47491333eb55c7b9aa955281486a684a93b29383bc9c4a993f6f32938f35ae1c8bcdfa6d4bdfb930151dbb2b5c5adfade8c29401438d66c3d66b6e9
SSDEEP

49152:OnqmARra0Ee/k/PlvOsXNAmpZ3d5UK3dvPNJl36d3SLANOossJwe:URFnossee

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  b6037aa86f7a852ec21a7a0c8ad84eb0b8e8fc9026131f18989bb8626b658456
- Size
  
  1.7MB
- MD5
  
  a6325a0e9e8d46d9543ee598cdfbf28b
- SHA1
  
  185999e8b5ff0f19ead4b7239444e2f09441c7ec
- SHA256
  
  b6037aa86f7a852ec21a7a0c8ad84eb0b8e8fc9026131f18989bb8626b658456
- SHA512
  
  0fc0e160a47491333eb55c7b9aa955281486a684a93b29383bc9c4a993f6f32938f35ae1c8bcdfa6d4bdfb930151dbb2b5c5adfade8c29401438d66c3d66b6e9
- SSDEEP
  
  49152:OnqmARra0Ee/k/PlvOsXNAmpZ3d5UK3dvPNJl36d3SLANOossJwe:URFnossee
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2