269d521a5410e8178d5111a94c812c182937d5840b9a297fc52c031cc8b85ca4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

269d521a5410e8178d5111a94c812c182937d5840b9a297fc52c031cc8b85ca4
Size

819KB
Sample

221206-zb2tcsdh9z
MD5

531a7f3d2f02200a3488086d713c21e8
SHA1

bfa0f73ad440606e906172f0ac36ee2fbab7cf35
SHA256

269d521a5410e8178d5111a94c812c182937d5840b9a297fc52c031cc8b85ca4
SHA512

9a244895ac71b4c65978241ada4b145def48a98a2467ba7045632733e7b547abbb801249c9c7eceddf920c934210c01508ddcc177cf2d68a4225a4af83ff4caf
SSDEEP

12288:+tX9m7PXqcKu0Ar9UZpzzTYIj6vIEOm8I8yOejAL/aao4iHCCfCFUfrpoW6/z:+ttm7/7pd9Kzz61O7yOyAS4NAjI

Score

8^/10

discovery persistence spyware stealer upx

Malware Config

Targets

- Target
  
  269d521a5410e8178d5111a94c812c182937d5840b9a297fc52c031cc8b85ca4
- Size
  
  819KB
- MD5
  
  531a7f3d2f02200a3488086d713c21e8
- SHA1
  
  bfa0f73ad440606e906172f0ac36ee2fbab7cf35
- SHA256
  
  269d521a5410e8178d5111a94c812c182937d5840b9a297fc52c031cc8b85ca4
- SHA512
  
  9a244895ac71b4c65978241ada4b145def48a98a2467ba7045632733e7b547abbb801249c9c7eceddf920c934210c01508ddcc177cf2d68a4225a4af83ff4caf
- SSDEEP
  
  12288:+tX9m7PXqcKu0Ar9UZpzzTYIj6vIEOm8I8yOejAL/aao4iHCCfCFUfrpoW6/z:+ttm7/7pd9Kzz61O7yOyAS4NAjI
Score

8^/10

discovery persistence spyware stealer upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistencespywarestealerupx

behavioral2