953a3be36c2291489a2c18a7640b914a7b02b8cd4b912f00ffc263b7957ef07b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

953a3be36c2291489a2c18a7640b914a7b02b8cd4b912f00ffc263b7957ef07b
Size

1.4MB
Sample

221129-n1xedsab8w
MD5

041da3e635877536eb71d6ecfc62f451
SHA1

87d769d988ac948216fab29c254a6c1a1923a2a7
SHA256

953a3be36c2291489a2c18a7640b914a7b02b8cd4b912f00ffc263b7957ef07b
SHA512

1f0fb6d0732418a54b8111dda0aec353c7599eab8d72f827baad6002d60edcb72162bcd6f40d4d4b66bfa9bdda0f8e821e7ad717aa5490bc759bb0675f3fdcab
SSDEEP

24576:5iKKKKKSKKKKKKKKKKKKKKKTKKKKKKKKKKKKKK5KKKKKKKdjKKKKQHKKJzlufmxX:cKKKKKSKKKKKKKKKKKKKKKTKKKKKKKKH

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  953a3be36c2291489a2c18a7640b914a7b02b8cd4b912f00ffc263b7957ef07b
- Size
  
  1.4MB
- MD5
  
  041da3e635877536eb71d6ecfc62f451
- SHA1
  
  87d769d988ac948216fab29c254a6c1a1923a2a7
- SHA256
  
  953a3be36c2291489a2c18a7640b914a7b02b8cd4b912f00ffc263b7957ef07b
- SHA512
  
  1f0fb6d0732418a54b8111dda0aec353c7599eab8d72f827baad6002d60edcb72162bcd6f40d4d4b66bfa9bdda0f8e821e7ad717aa5490bc759bb0675f3fdcab
- SSDEEP
  
  24576:5iKKKKKSKKKKKKKKKKKKKKKTKKKKKKKKKKKKKK5KKKKKKKdjKKKKQHKKJzlufmxX:cKKKKKSKKKKKKKKKKKKKKKTKKKKKKKKH
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer