e045012044b62da575f059d1146e05e889f8fdd77561844dc51ffb09978de91d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e045012044b62da575f059d1146e05e889f8fdd77561844dc51ffb09978de91d
Size

68KB
Sample

221204-q877zaaa6x
MD5

afa85b31bae2790dff4b307e838b3079
SHA1

1947e401ad497e96cae33392fb46f5c4790724e0
SHA256

e045012044b62da575f059d1146e05e889f8fdd77561844dc51ffb09978de91d
SHA512

0646793b873c79e414ead3de59210588bbded7419e9f4978a830d001f185749559639914dc2bf1eb9e51a6bd2839a54948b6d20f266becd6c81d5a3c38f5cfdf
SSDEEP

768:bqL6raHKk9cCm7sagoc9nnff8dcKgs5DKndzCPuI0tCxLQyUEOwpsR2:bqLPKUsc5glj2phCx8tl2

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  e045012044b62da575f059d1146e05e889f8fdd77561844dc51ffb09978de91d
- Size
  
  68KB
- MD5
  
  afa85b31bae2790dff4b307e838b3079
- SHA1
  
  1947e401ad497e96cae33392fb46f5c4790724e0
- SHA256
  
  e045012044b62da575f059d1146e05e889f8fdd77561844dc51ffb09978de91d
- SHA512
  
  0646793b873c79e414ead3de59210588bbded7419e9f4978a830d001f185749559639914dc2bf1eb9e51a6bd2839a54948b6d20f266becd6c81d5a3c38f5cfdf
- SSDEEP
  
  768:bqL6raHKk9cCm7sagoc9nnff8dcKgs5DKndzCPuI0tCxLQyUEOwpsR2:bqLPKUsc5glj2phCx8tl2
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2