79e6588567217b9a6083c2a47ce4d1ae55d142bae82c18ee16b3014b462c904f | Triage

Sharing

General

Target

79e6588567217b9a6083c2a47ce4d1ae55d142bae82c18ee16b3014b462c904f
Size

4.8MB
Sample

221201-dhgk4scg2x
MD5

b9c9b6a1121071dcc3afac7cef10b987
SHA1

7ec4123c506a76eeaf1904a71263953906687cbf
SHA256

79e6588567217b9a6083c2a47ce4d1ae55d142bae82c18ee16b3014b462c904f
SHA512

ccad975fb3fe467ec16e2951ffada02860817a2b8d2518d9037c590aa533a6d417253fcf2f69d96e82cf28f396b1e8edcc72e7393ddf4f28034b4a1a12cc4fda
SSDEEP

98304:7EK7yYAUDJ4sPgxSAZ5EGh+cDsddihc6TXkBL:txpPHA3DtsdP6TXkB

Score

8^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  79e6588567217b9a6083c2a47ce4d1ae55d142bae82c18ee16b3014b462c904f
- Size
  
  4.8MB
- MD5
  
  b9c9b6a1121071dcc3afac7cef10b987
- SHA1
  
  7ec4123c506a76eeaf1904a71263953906687cbf
- SHA256
  
  79e6588567217b9a6083c2a47ce4d1ae55d142bae82c18ee16b3014b462c904f
- SHA512
  
  ccad975fb3fe467ec16e2951ffada02860817a2b8d2518d9037c590aa533a6d417253fcf2f69d96e82cf28f396b1e8edcc72e7393ddf4f28034b4a1a12cc4fda
- SSDEEP
  
  98304:7EK7yYAUDJ4sPgxSAZ5EGh+cDsddihc6TXkBL:txpPHA3DtsdP6TXkB
Score

8^/10

persistence spyware stealer
- Drops file in Drivers directory
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer