0dd2461aa92c464616a00c277b9b5493ac6f883e017e0cfbfffc4721cbf2e1b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0dd2461aa92c464616a00c277b9b5493ac6f883e017e0cfbfffc4721cbf2e1b7
Size

1.0MB
Sample

221129-mzgf4sca82
MD5

b9cebd4843ca34e13be719c066165992
SHA1

ea46eea7ec64a3e12d7219ec0242b5ab7bacd2af
SHA256

0dd2461aa92c464616a00c277b9b5493ac6f883e017e0cfbfffc4721cbf2e1b7
SHA512

c52fc20c113edc2ace08a44f707ebcbab42cad227994da55c7c8055331b0ef1900308ecd13049c863ff4e97fee7930a23eee1b8abdad7a2fe75a6eb10c33077c
SSDEEP

12288:VV3iLxlGuSayMMkKyzQijZg1BjBaPajsiBYHZ/S23v3UxE1pKJ:VV3ieayTkKyLZQaIg/vmRJ

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  0dd2461aa92c464616a00c277b9b5493ac6f883e017e0cfbfffc4721cbf2e1b7
- Size
  
  1.0MB
- MD5
  
  b9cebd4843ca34e13be719c066165992
- SHA1
  
  ea46eea7ec64a3e12d7219ec0242b5ab7bacd2af
- SHA256
  
  0dd2461aa92c464616a00c277b9b5493ac6f883e017e0cfbfffc4721cbf2e1b7
- SHA512
  
  c52fc20c113edc2ace08a44f707ebcbab42cad227994da55c7c8055331b0ef1900308ecd13049c863ff4e97fee7930a23eee1b8abdad7a2fe75a6eb10c33077c
- SSDEEP
  
  12288:VV3iLxlGuSayMMkKyzQijZg1BjBaPajsiBYHZ/S23v3UxE1pKJ:VV3ieayTkKyLZQaIg/vmRJ
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2