a9b9a5907672a54afa3b984cc5bc170583cc7d002376f8730b7d72635d7c0e1a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9b9a5907672a54afa3b984cc5bc170583cc7d002376f8730b7d72635d7c0e1a
Size

178KB
Sample

221205-llcekaff88
MD5

48242b13fd9c83f63a9cf8165146362c
SHA1

30c15e892b564c3e306c2aba95cc0bf879bc5048
SHA256

a9b9a5907672a54afa3b984cc5bc170583cc7d002376f8730b7d72635d7c0e1a
SHA512

f1aa7018b5947bd4943cdfa84af6ac38b8c89cd526c5da3255296aa70aae621ca6e90fde0088544f48484b318cb505befcc6ba327b98da1649ccf413a151b56e
SSDEEP

3072:aG2dCMJTFT5JIQdgGTq9X92C4dlFOpJ2SM1qcfvuA4ZdRLcr/x41KH5mOiIMI1:bCT5JIQdLqIC4dHTSM1ZuxPxcr/rkOCI

Score

8^/10

persistence spyware stealer upx

Malware Config

Targets

- Target
  
  a9b9a5907672a54afa3b984cc5bc170583cc7d002376f8730b7d72635d7c0e1a
- Size
  
  178KB
- MD5
  
  48242b13fd9c83f63a9cf8165146362c
- SHA1
  
  30c15e892b564c3e306c2aba95cc0bf879bc5048
- SHA256
  
  a9b9a5907672a54afa3b984cc5bc170583cc7d002376f8730b7d72635d7c0e1a
- SHA512
  
  f1aa7018b5947bd4943cdfa84af6ac38b8c89cd526c5da3255296aa70aae621ca6e90fde0088544f48484b318cb505befcc6ba327b98da1649ccf413a151b56e
- SSDEEP
  
  3072:aG2dCMJTFT5JIQdgGTq9X92C4dlFOpJ2SM1qcfvuA4ZdRLcr/x41KH5mOiIMI1:bCT5JIQdLqIC4dHTSM1ZuxPxcr/rkOCI
Score

8^/10

persistence spyware stealer upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealerupx

behavioral2