2f72f33ba07e5aad80d553e04907773ae41abe39277b8d0dda95bff8e4e83e6f | Triage

Sharing

General

Target

2f72f33ba07e5aad80d553e04907773ae41abe39277b8d0dda95bff8e4e83e6f
Size

1.0MB
Sample

221201-gpamxsag29
MD5

e5a607a5a854fc05b0d6f981d722e2d3
SHA1

bc32ef19ce9ce803bdcc5274dac7a880017f43e9
SHA256

2f72f33ba07e5aad80d553e04907773ae41abe39277b8d0dda95bff8e4e83e6f
SHA512

2a16653ed592e02fff9d9458b8bae0eaa4f6976072bb7e936872ced18b3dd3529cf1bd641b0f1c8d1e79776ab0368a734f6505cb85e2e87599b7b8feff6c6bbb
SSDEEP

24576:295uqjWw1f0QCp4iUTXOkP0IifXXa1+sNsuqY5nI5z:Y4j+f0Q+4i2OkP0I8Xe+s9qqIp

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2f72f33ba07e5aad80d553e04907773ae41abe39277b8d0dda95bff8e4e83e6f
- Size
  
  1.0MB
- MD5
  
  e5a607a5a854fc05b0d6f981d722e2d3
- SHA1
  
  bc32ef19ce9ce803bdcc5274dac7a880017f43e9
- SHA256
  
  2f72f33ba07e5aad80d553e04907773ae41abe39277b8d0dda95bff8e4e83e6f
- SHA512
  
  2a16653ed592e02fff9d9458b8bae0eaa4f6976072bb7e936872ced18b3dd3529cf1bd641b0f1c8d1e79776ab0368a734f6505cb85e2e87599b7b8feff6c6bbb
- SSDEEP
  
  24576:295uqjWw1f0QCp4iUTXOkP0IifXXa1+sNsuqY5nI5z:Y4j+f0Q+4i2OkP0I8Xe+s9qqIp
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2