2062f480625832da7c3fa81456a73514194c932009b2038eef430cb48eeba014 | Triage

Sharing

General

Target

3909df10728e9c01e57850894cf7d087.exe
Size

74KB
Sample

221217-a73cbsag8x
MD5

3909df10728e9c01e57850894cf7d087
SHA1

9f1d3633974c6e6251507e92e5801456e30f91d1
SHA256

2062f480625832da7c3fa81456a73514194c932009b2038eef430cb48eeba014
SHA512

9f992ea3a912f8033999b7028d5a9e748362c0d213b28f2d5a88119e220aeb0cb2851e3d880dd09df74df54d96b7a05bafc3f51a1196364a0fc0f6a9d1afa22d
SSDEEP

1536:lefxEVTPl9cOchE2PySGSn95sSb8U5b543npeufE:l3TPLcOcZ78Sb8U5m3nEu8

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  3909df10728e9c01e57850894cf7d087.exe
- Size
  
  74KB
- MD5
  
  3909df10728e9c01e57850894cf7d087
- SHA1
  
  9f1d3633974c6e6251507e92e5801456e30f91d1
- SHA256
  
  2062f480625832da7c3fa81456a73514194c932009b2038eef430cb48eeba014
- SHA512
  
  9f992ea3a912f8033999b7028d5a9e748362c0d213b28f2d5a88119e220aeb0cb2851e3d880dd09df74df54d96b7a05bafc3f51a1196364a0fc0f6a9d1afa22d
- SSDEEP
  
  1536:lefxEVTPl9cOchE2PySGSn95sSb8U5b543npeufE:l3TPLcOcZ78Sb8U5m3nEu8
Score

8^/10

spyware stealer
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2