95659010b9d6eade95a68b71a7855238caefd5e3a97abdbfa6dab7d7574a7e85 | Triage

Sharing

General

Target

95659010b9d6eade95a68b71a7855238caefd5e3a97abdbfa6dab7d7574a7e85
Size

52KB
Sample

221205-n7mtjacb9w
MD5

aa5e7ffd0d4d1514111ac720d979536f
SHA1

d368d87bc2b0884387be6a4d2bd3be8c0022fea0
SHA256

95659010b9d6eade95a68b71a7855238caefd5e3a97abdbfa6dab7d7574a7e85
SHA512

dd4ceb5078beadd61bb295c665e1a585fb100c8dfae0c3f6409b368bb349163f8c499da401f18efb5562ed6f3a348916af956e2909b29d03fecda6a7a7a9a12b
SSDEEP

768:jFfkUKZn+JhKgFSb7l8o94G/Xk9q+3rQiF9X3pwy6GW7EM/Q4:jRknx+1SbhJ9pk9tciX+ao/n

Score

10^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  95659010b9d6eade95a68b71a7855238caefd5e3a97abdbfa6dab7d7574a7e85
- Size
  
  52KB
- MD5
  
  aa5e7ffd0d4d1514111ac720d979536f
- SHA1
  
  d368d87bc2b0884387be6a4d2bd3be8c0022fea0
- SHA256
  
  95659010b9d6eade95a68b71a7855238caefd5e3a97abdbfa6dab7d7574a7e85
- SHA512
  
  dd4ceb5078beadd61bb295c665e1a585fb100c8dfae0c3f6409b368bb349163f8c499da401f18efb5562ed6f3a348916af956e2909b29d03fecda6a7a7a9a12b
- SSDEEP
  
  768:jFfkUKZn+JhKgFSb7l8o94G/Xk9q+3rQiF9X3pwy6GW7EM/Q4:jRknx+1SbhJ9pk9tciX+ao/n
Score

10^/10

persistence spyware stealer
- Modifies WinLogon for persistence
  persistence
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2