9feaef5171335ab0c85ba81159ecb583c6ea725470381304e805d71bc180f90d | Triage

Sharing

General

Target

9feaef5171335ab0c85ba81159ecb583c6ea725470381304e805d71bc180f90d
Size

1.7MB
Sample

221128-ry63laeh3x
MD5

b0c9810798b6ee1a3cad5d55666d034a
SHA1

39f264f7fcc19d2a4484ee27c0eaafecd546f707
SHA256

9feaef5171335ab0c85ba81159ecb583c6ea725470381304e805d71bc180f90d
SHA512

737746368582fd511d231cab93aa26f9e9c4a7ae375c0840c379908ec3800502bd6042f07871fe0d074666ca62a9378888f8870b0497ec7b19f7504d06ff1086
SSDEEP

49152:gnqmARra0Ee/k/PlvOsXNAmpZ3d5UK3dvPNJl36d3SLANOossJkg:iRFnoss6g

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  9feaef5171335ab0c85ba81159ecb583c6ea725470381304e805d71bc180f90d
- Size
  
  1.7MB
- MD5
  
  b0c9810798b6ee1a3cad5d55666d034a
- SHA1
  
  39f264f7fcc19d2a4484ee27c0eaafecd546f707
- SHA256
  
  9feaef5171335ab0c85ba81159ecb583c6ea725470381304e805d71bc180f90d
- SHA512
  
  737746368582fd511d231cab93aa26f9e9c4a7ae375c0840c379908ec3800502bd6042f07871fe0d074666ca62a9378888f8870b0497ec7b19f7504d06ff1086
- SSDEEP
  
  49152:gnqmARra0Ee/k/PlvOsXNAmpZ3d5UK3dvPNJl36d3SLANOossJkg:iRFnoss6g
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2