7893fa0c31e50f4df8b963fdd3890c15d56adf7c3295d396b0a07865bb9517d3 | Triage

Sharing

General

Target

7893fa0c31e50f4df8b963fdd3890c15d56adf7c3295d396b0a07865bb9517d3
Size

264KB
Sample

221201-dbzhcacc2s
MD5

e0906240a82c36ee46de6aacf6b3e69b
SHA1

33a56179ae1807acc5c8d0e068d060e7387688c1
SHA256

7893fa0c31e50f4df8b963fdd3890c15d56adf7c3295d396b0a07865bb9517d3
SHA512

fcc3de951d35b7b446fc5517988993e7b51343a2e5f343edb51d3419946a3ba9c7071e199c446108ee86931ef0b8ce22129af67ce1214cab3f46c6d13f1b70b5
SSDEEP

6144:VovRbVNGIDT6TjYgmi1Dw5VfblY4+DDmfFQe:Vovdr3WnYm1DwHb64+Dcn

Score

7^/10

discovery persistence spyware stealer

Malware Config

Targets

- Target
  
  7893fa0c31e50f4df8b963fdd3890c15d56adf7c3295d396b0a07865bb9517d3
- Size
  
  264KB
- MD5
  
  e0906240a82c36ee46de6aacf6b3e69b
- SHA1
  
  33a56179ae1807acc5c8d0e068d060e7387688c1
- SHA256
  
  7893fa0c31e50f4df8b963fdd3890c15d56adf7c3295d396b0a07865bb9517d3
- SHA512
  
  fcc3de951d35b7b446fc5517988993e7b51343a2e5f343edb51d3419946a3ba9c7071e199c446108ee86931ef0b8ce22129af67ce1214cab3f46c6d13f1b70b5
- SSDEEP
  
  6144:VovRbVNGIDT6TjYgmi1Dw5VfblY4+DDmfFQe:Vovdr3WnYm1DwHb64+Dcn
Score

7^/10

discovery persistence spyware stealer
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistencespywarestealer

behavioral2

discoverypersistencespywarestealer