7f6b3d83c19a10de1dae5f8b008fa42b9ea5d1aaa80732a556d59a31821259ad | Triage

Sharing

General

Target

7f6b3d83c19a10de1dae5f8b008fa42b9ea5d1aaa80732a556d59a31821259ad
Size

1.6MB
Sample

221201-jmdynsgf34
MD5

1d60349bde6f642c894701dcc6735a61
SHA1

eb9da35c858838e499db10c117e1227cd9ab6c8f
SHA256

7f6b3d83c19a10de1dae5f8b008fa42b9ea5d1aaa80732a556d59a31821259ad
SHA512

2f6162a386288472a9e364fba8178b4dc6d28c43109ce84368fb5088cf76ae0c93e0624d939baf05156d4b2e28b0c46598df519e2dbb70e1e3552a4652a8e8d9
SSDEEP

49152:CkK5IVKw/au2e4FE2UgJlLQ7adasXTOjnbIr:NzauKZU1adasyjbW

Score

10^/10

evasion spyware stealer trojan

Malware Config

Targets

- Target
  
  7f6b3d83c19a10de1dae5f8b008fa42b9ea5d1aaa80732a556d59a31821259ad
- Size
  
  1.6MB
- MD5
  
  1d60349bde6f642c894701dcc6735a61
- SHA1
  
  eb9da35c858838e499db10c117e1227cd9ab6c8f
- SHA256
  
  7f6b3d83c19a10de1dae5f8b008fa42b9ea5d1aaa80732a556d59a31821259ad
- SHA512
  
  2f6162a386288472a9e364fba8178b4dc6d28c43109ce84368fb5088cf76ae0c93e0624d939baf05156d4b2e28b0c46598df519e2dbb70e1e3552a4652a8e8d9
- SSDEEP
  
  49152:CkK5IVKw/au2e4FE2UgJlLQ7adasXTOjnbIr:NzauKZU1adasyjbW
Score

10^/10

evasion spyware stealer trojan
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionspywarestealertrojan

behavioral2

evasionspywarestealertrojan