bfbeab9fa4bcf3165e302180ca636cec1dcdebc458ab07bb08ec4a4bda6026e4 | Triage

Sharing

General

Target

bfbeab9fa4bcf3165e302180ca636cec1dcdebc458ab07bb08ec4a4bda6026e4
Size

166KB
Sample

221201-w21r7sbc7z
MD5

0fe723bcaf904778d078ac93c0929957
SHA1

1c0edcab4093b98eae04fada18bcb2afd1159bb3
SHA256

bfbeab9fa4bcf3165e302180ca636cec1dcdebc458ab07bb08ec4a4bda6026e4
SHA512

0e2c95dc2d273dec23aa5a5d0b528b71ef536b6c7b6e3feb2b4d7931a85269a0a54e49060860d9147a57e20ac2e592252a9a359f741b54c8eaa0483e6c21e6bf
SSDEEP

3072:NKv0qrbcezlnFcv5VgT4+YPTSHXY/bufobOAKQTKxDJnHI/K/:NW0EjmGlYPTSHXerbbKFx

Score

8^/10

persistence spyware stealer upx

Malware Config

Targets

- Target
  
  bfbeab9fa4bcf3165e302180ca636cec1dcdebc458ab07bb08ec4a4bda6026e4
- Size
  
  166KB
- MD5
  
  0fe723bcaf904778d078ac93c0929957
- SHA1
  
  1c0edcab4093b98eae04fada18bcb2afd1159bb3
- SHA256
  
  bfbeab9fa4bcf3165e302180ca636cec1dcdebc458ab07bb08ec4a4bda6026e4
- SHA512
  
  0e2c95dc2d273dec23aa5a5d0b528b71ef536b6c7b6e3feb2b4d7931a85269a0a54e49060860d9147a57e20ac2e592252a9a359f741b54c8eaa0483e6c21e6bf
- SSDEEP
  
  3072:NKv0qrbcezlnFcv5VgT4+YPTSHXY/bufobOAKQTKxDJnHI/K/:NW0EjmGlYPTSHXerbbKFx
Score

8^/10

persistence spyware stealer upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealerupx

behavioral2