80bb75b593e95859adf5c8a7d76c4f90c4f4e198eb2a26360790107c1557dc70 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

80bb75b593e95859adf5c8a7d76c4f90c4f4e198eb2a26360790107c1557dc70
Size

290KB
Sample

221201-19pgcsga62
MD5

d52437554abe4de8ba586d02398bbb76
SHA1

005238a22deab58f46768e8f0ae5c8926b128cd3
SHA256

80bb75b593e95859adf5c8a7d76c4f90c4f4e198eb2a26360790107c1557dc70
SHA512

d93fe0a9638543a16b2444e4ba54af9e26f5ce59e84d910494ca487bc93fa2a8f2016acaff493f821bf75e9c64dbe8cc08f16b2e7c4ff110db54121fff5010fb
SSDEEP

6144:fdFQ2RKpq4J2Pd5pv3c9YN/Dg7XAge/o+2VO9iz8irZ/NBwxhqN:fU2cpR2V5pbNUwswvirZ/NGxI

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  80bb75b593e95859adf5c8a7d76c4f90c4f4e198eb2a26360790107c1557dc70
- Size
  
  290KB
- MD5
  
  d52437554abe4de8ba586d02398bbb76
- SHA1
  
  005238a22deab58f46768e8f0ae5c8926b128cd3
- SHA256
  
  80bb75b593e95859adf5c8a7d76c4f90c4f4e198eb2a26360790107c1557dc70
- SHA512
  
  d93fe0a9638543a16b2444e4ba54af9e26f5ce59e84d910494ca487bc93fa2a8f2016acaff493f821bf75e9c64dbe8cc08f16b2e7c4ff110db54121fff5010fb
- SSDEEP
  
  6144:fdFQ2RKpq4J2Pd5pv3c9YN/Dg7XAge/o+2VO9iz8irZ/NBwxhqN:fU2cpR2V5pbNUwswvirZ/NGxI
Score

7^/10

spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2