a91d0d1b6a009e40a7b7ddf8b2650e59e39ffa8a300642869e5aa2677397f9f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a91d0d1b6a009e40a7b7ddf8b2650e59e39ffa8a300642869e5aa2677397f9f6
Size

200KB
Sample

221206-tbv3xsbg93
MD5

b6db24f8032febc214092606805885e1
SHA1

eb15feab2d6cf892ef0be3b1f71ebd20d9551c5d
SHA256

a91d0d1b6a009e40a7b7ddf8b2650e59e39ffa8a300642869e5aa2677397f9f6
SHA512

2d7e173648e0384d91378361e60a1791bca645d5bed9d557da8c75bc7ccaeb22c5e65f0eb3741bc0aeec64a20fff03c0ab2e4ff298b8d728ded62313b58cba15
SSDEEP

6144:2Wk7WEM68gnFP0EXrtBeYmueZtzX+vsdm:2Jrd04rtBeYmZZFksd

Score

10^/10

persistence spyware stealer upx

Malware Config

Targets

- Target
  
  a91d0d1b6a009e40a7b7ddf8b2650e59e39ffa8a300642869e5aa2677397f9f6
- Size
  
  200KB
- MD5
  
  b6db24f8032febc214092606805885e1
- SHA1
  
  eb15feab2d6cf892ef0be3b1f71ebd20d9551c5d
- SHA256
  
  a91d0d1b6a009e40a7b7ddf8b2650e59e39ffa8a300642869e5aa2677397f9f6
- SHA512
  
  2d7e173648e0384d91378361e60a1791bca645d5bed9d557da8c75bc7ccaeb22c5e65f0eb3741bc0aeec64a20fff03c0ab2e4ff298b8d728ded62313b58cba15
- SSDEEP
  
  6144:2Wk7WEM68gnFP0EXrtBeYmueZtzX+vsdm:2Jrd04rtBeYmZZFksd
Score

10^/10

persistence spyware stealer upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealerupx

behavioral2