c1bb6e5a0fe376e9a4e27797df90ae3104705c75330d9269bfee3c4860b6565d | Triage

Sharing

General

Target

c1bb6e5a0fe376e9a4e27797df90ae3104705c75330d9269bfee3c4860b6565d
Size

1.7MB
Sample

221128-rxcscseg4v
MD5

6ba0e19b0543adcb37ccd68628cbfe19
SHA1

c2a19550dbcb79791658b40f7391035288dfe201
SHA256

c1bb6e5a0fe376e9a4e27797df90ae3104705c75330d9269bfee3c4860b6565d
SHA512

de700a75604d2f06f3dabcf413af9da78024f5c95474e9d82688d33c63c1ce6612a20a1e0223c385b1de395747179e4662a62fc933e3808b1d3fa2b4c7b59f44
SSDEEP

49152:/nqmARra0Ee/k/PlvOsXNAmpZ3d5UK3dvPNJl36d3SLANOossJy0:FRFnossE0

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  c1bb6e5a0fe376e9a4e27797df90ae3104705c75330d9269bfee3c4860b6565d
- Size
  
  1.7MB
- MD5
  
  6ba0e19b0543adcb37ccd68628cbfe19
- SHA1
  
  c2a19550dbcb79791658b40f7391035288dfe201
- SHA256
  
  c1bb6e5a0fe376e9a4e27797df90ae3104705c75330d9269bfee3c4860b6565d
- SHA512
  
  de700a75604d2f06f3dabcf413af9da78024f5c95474e9d82688d33c63c1ce6612a20a1e0223c385b1de395747179e4662a62fc933e3808b1d3fa2b4c7b59f44
- SSDEEP
  
  49152:/nqmARra0Ee/k/PlvOsXNAmpZ3d5UK3dvPNJl36d3SLANOossJy0:FRFnossE0
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2