9a34ce7dcaec0789fe78aeec4f6d09c0b14ef4ee7ff33ccd3ea4cca2035abc3f | Triage

Sharing

General

Target

9a34ce7dcaec0789fe78aeec4f6d09c0b14ef4ee7ff33ccd3ea4cca2035abc3f
Size

44KB
Sample

221203-za5hvsgf4x
MD5

57b12273ea91592fd08136185b7fe0e9
SHA1

eaaa3f879b6cb63f289e316aa9e3dd18d75da092
SHA256

9a34ce7dcaec0789fe78aeec4f6d09c0b14ef4ee7ff33ccd3ea4cca2035abc3f
SHA512

7fb8594736243793bbd5e0bf8af15b3001aeb9396d639ba5f19c246d32a0e4d503c2707d1fade90c5631dfaab1954d8c094391d94b1b94b4ad869c81607cc002
SSDEEP

384:sRgZ6jHsQSpG2sn/0bjDoCJWyEdDhQy/Nod2M3y3qOxx83R3/f2T2i3V9ZB3+9PW:siz9sn4qdDha/3y6KE3WLV9ZBOD6D

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  9a34ce7dcaec0789fe78aeec4f6d09c0b14ef4ee7ff33ccd3ea4cca2035abc3f
- Size
  
  44KB
- MD5
  
  57b12273ea91592fd08136185b7fe0e9
- SHA1
  
  eaaa3f879b6cb63f289e316aa9e3dd18d75da092
- SHA256
  
  9a34ce7dcaec0789fe78aeec4f6d09c0b14ef4ee7ff33ccd3ea4cca2035abc3f
- SHA512
  
  7fb8594736243793bbd5e0bf8af15b3001aeb9396d639ba5f19c246d32a0e4d503c2707d1fade90c5631dfaab1954d8c094391d94b1b94b4ad869c81607cc002
- SSDEEP
  
  384:sRgZ6jHsQSpG2sn/0bjDoCJWyEdDhQy/Nod2M3y3qOxx83R3/f2T2i3V9ZB3+9PW:siz9sn4qdDha/3y6KE3WLV9ZBOD6D
Score

7^/10

spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2