aa44d67ce3fe71c209f0e3e38ea5477b67c2993b96a90516c693957233caaec1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa44d67ce3fe71c209f0e3e38ea5477b67c2993b96a90516c693957233caaec1
Size

503KB
Sample

221203-1mb8hsgd66
MD5

7af218a8d41bacb58a8e9b3c4d21efca
SHA1

0bc0214e5ed23e80aafba7fc6adad62ff4a38803
SHA256

aa44d67ce3fe71c209f0e3e38ea5477b67c2993b96a90516c693957233caaec1
SHA512

e5f004558323ea8a01047a3bbe47bf8b5403cb72f215bf44ed4b9e9d26b5d6cc78b1e9c789db4ab8dadd773b1907a7813627989232e69ee1318cd4e0193fb138
SSDEEP

12288:iG4PV4WaYujoRTq3Qehqn2rbU+r1AsoSL3xRaDg:iPTTML4n2roC1AsoO3

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  aa44d67ce3fe71c209f0e3e38ea5477b67c2993b96a90516c693957233caaec1
- Size
  
  503KB
- MD5
  
  7af218a8d41bacb58a8e9b3c4d21efca
- SHA1
  
  0bc0214e5ed23e80aafba7fc6adad62ff4a38803
- SHA256
  
  aa44d67ce3fe71c209f0e3e38ea5477b67c2993b96a90516c693957233caaec1
- SHA512
  
  e5f004558323ea8a01047a3bbe47bf8b5403cb72f215bf44ed4b9e9d26b5d6cc78b1e9c789db4ab8dadd773b1907a7813627989232e69ee1318cd4e0193fb138
- SSDEEP
  
  12288:iG4PV4WaYujoRTq3Qehqn2rbU+r1AsoSL3xRaDg:iPTTML4n2roC1AsoO3
Score

8^/10

spyware stealer
- Drops file in Drivers directory
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2