587f4e3f6dec05e10c63833ce94d1c51ed18c8b688b1addc621ac6d1ab77a3d0 | Triage

Sharing

General

Target

587f4e3f6dec05e10c63833ce94d1c51ed18c8b688b1addc621ac6d1ab77a3d0
Size

417KB
Sample

221222-2pgrfsaf31
MD5

ca8536c914e1ae6e707167f4d5481ae4
SHA1

035db5e91c9a44968415170f78b89a14d2ffe807
SHA256

587f4e3f6dec05e10c63833ce94d1c51ed18c8b688b1addc621ac6d1ab77a3d0
SHA512

8d60bb2d1428c5c9c6883e139579b533a086418b7483fa16ced1fbf7bd14de2a6e36843fee072b31aebbc15241fc45d8aa92f828ca4b0141ff767f24f6c375df
SSDEEP

12288:sHQ6KOV604CGe4Dy3ezw6glRR0TCtyYduHNI:h/OV/8Dyuc6mRR0TCAYdE

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  587f4e3f6dec05e10c63833ce94d1c51ed18c8b688b1addc621ac6d1ab77a3d0
- Size
  
  417KB
- MD5
  
  ca8536c914e1ae6e707167f4d5481ae4
- SHA1
  
  035db5e91c9a44968415170f78b89a14d2ffe807
- SHA256
  
  587f4e3f6dec05e10c63833ce94d1c51ed18c8b688b1addc621ac6d1ab77a3d0
- SHA512
  
  8d60bb2d1428c5c9c6883e139579b533a086418b7483fa16ced1fbf7bd14de2a6e36843fee072b31aebbc15241fc45d8aa92f828ca4b0141ff767f24f6c375df
- SSDEEP
  
  12288:sHQ6KOV604CGe4Dy3ezw6glRR0TCtyYduHNI:h/OV/8Dyuc6mRR0TCAYdE
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer