ff280de1b7694c27f0a10c973f46454e802cd7900bd3e749fcc111e54d784f7f | Triage

Sharing

General

Target

ff280de1b7694c27f0a10c973f46454e802cd7900bd3e749fcc111e54d784f7f
Size

24KB
Sample

221204-d9cq8sha8y
MD5

f52dd568afdf3ab27817d849162a3e71
SHA1

815da8ca05870e6e77fc387195c14f4119c6787e
SHA256

ff280de1b7694c27f0a10c973f46454e802cd7900bd3e749fcc111e54d784f7f
SHA512

c225f68bdc52d4ef60c67a7a8996a032e10fa0b4cc3c8add27ce6b9b6671fd7c5ed02d7c290522c6f277b0dc71bdd47ad2959061dbd2c4c1e90b92f9267a4bb4
SSDEEP

384:vOCaqrpMsc29ZpvyF73t+15raYhLoe0qHUEE9FQhVNLqvW:vOCNNyFA15raYhL/HUEE9FQhVB5

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  ff280de1b7694c27f0a10c973f46454e802cd7900bd3e749fcc111e54d784f7f
- Size
  
  24KB
- MD5
  
  f52dd568afdf3ab27817d849162a3e71
- SHA1
  
  815da8ca05870e6e77fc387195c14f4119c6787e
- SHA256
  
  ff280de1b7694c27f0a10c973f46454e802cd7900bd3e749fcc111e54d784f7f
- SHA512
  
  c225f68bdc52d4ef60c67a7a8996a032e10fa0b4cc3c8add27ce6b9b6671fd7c5ed02d7c290522c6f277b0dc71bdd47ad2959061dbd2c4c1e90b92f9267a4bb4
- SSDEEP
  
  384:vOCaqrpMsc29ZpvyF73t+15raYhLoe0qHUEE9FQhVNLqvW:vOCNNyFA15raYhL/HUEE9FQhVB5
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2