a335acf5bd572150dd9d0ed4341b254e2c244b46ff969579f277afe021381794 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a335acf5bd572150dd9d0ed4341b254e2c244b46ff969579f277afe021381794
Size

27KB
Sample

221205-vpjgqahf69
MD5

732e60e1091cbde6881212c95305522d
SHA1

472d9a3d457d312809ffc0599b18414b0e4b3a62
SHA256

a335acf5bd572150dd9d0ed4341b254e2c244b46ff969579f277afe021381794
SHA512

6791c51ce182504e1ba0c227353e572c8f482f72338abf6e9e6593e0eeed0236dddd63422eaefe56ae4dc0dd62e0e8c41a68ba5e8340273185d8e5bb6507c8e9
SSDEEP

768:kfrWC7QYA0Ak+E8kyaZid6WUEE9FQhVBGn:kvQYAiidB

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  a335acf5bd572150dd9d0ed4341b254e2c244b46ff969579f277afe021381794
- Size
  
  27KB
- MD5
  
  732e60e1091cbde6881212c95305522d
- SHA1
  
  472d9a3d457d312809ffc0599b18414b0e4b3a62
- SHA256
  
  a335acf5bd572150dd9d0ed4341b254e2c244b46ff969579f277afe021381794
- SHA512
  
  6791c51ce182504e1ba0c227353e572c8f482f72338abf6e9e6593e0eeed0236dddd63422eaefe56ae4dc0dd62e0e8c41a68ba5e8340273185d8e5bb6507c8e9
- SSDEEP
  
  768:kfrWC7QYA0Ak+E8kyaZid6WUEE9FQhVBGn:kvQYAiidB
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2