a8331fe792f2e7ee6b109eec14bea6e7e3b96e7c8b3cff6103183627a0cbc91d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8331fe792f2e7ee6b109eec14bea6e7e3b96e7c8b3cff6103183627a0cbc91d
Size

308KB
Sample

221205-lr3hyacb71
MD5

4fc229a0bd19b7805f3ed5ee1da71b99
SHA1

064129467a0649d91b151bf0137b20efe3fa5267
SHA256

a8331fe792f2e7ee6b109eec14bea6e7e3b96e7c8b3cff6103183627a0cbc91d
SHA512

54d9e36ea5413d64fd4129a4acac23859ed856d3b594a758177267a952e14f27287902e48a16da58951e8761f7874c3c8a8b162e6c09af3e6d399aca04498c9e
SSDEEP

6144:+mzVWyBtidG3RyJKH/pp1Jhrgfr6XKpWVJl1Zb7baFnp6X+cNb:xzVeaRgKfH1Hrwa7fOnp6X+cB

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  a8331fe792f2e7ee6b109eec14bea6e7e3b96e7c8b3cff6103183627a0cbc91d
- Size
  
  308KB
- MD5
  
  4fc229a0bd19b7805f3ed5ee1da71b99
- SHA1
  
  064129467a0649d91b151bf0137b20efe3fa5267
- SHA256
  
  a8331fe792f2e7ee6b109eec14bea6e7e3b96e7c8b3cff6103183627a0cbc91d
- SHA512
  
  54d9e36ea5413d64fd4129a4acac23859ed856d3b594a758177267a952e14f27287902e48a16da58951e8761f7874c3c8a8b162e6c09af3e6d399aca04498c9e
- SSDEEP
  
  6144:+mzVWyBtidG3RyJKH/pp1Jhrgfr6XKpWVJl1Zb7baFnp6X+cNb:xzVeaRgKfH1Hrwa7fOnp6X+cB
Score

8^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2