18e66666b3a3d6e8b498fda88368a793ee2d5f54802a8e1b37a29bc351dd3538 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18e66666b3a3d6e8b498fda88368a793ee2d5f54802a8e1b37a29bc351dd3538
Size

398KB
Sample

221227-t6nmbsfc33
MD5

9b3d455c66f8ac6ed0bb4c26fa75b917
SHA1

bbdb6e9e0816dfee1da47b4b4867ee76a41bdf78
SHA256

18e66666b3a3d6e8b498fda88368a793ee2d5f54802a8e1b37a29bc351dd3538
SHA512

a2b2288904a7791fdc50efb4086dd0143f1e81e49fc430c159ac1c72f830017454ce4a0400092d301929040ef5241a2a11e995aff6bac4a22b9958c24f0c632c
SSDEEP

6144:caMLg66AmY8bzVQ3QSRqkHHMkpRizUA58xQ3xDPkMo5zXbAc:NMk6qQAHkHH1/iH58xaxDPyrbA

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  18e66666b3a3d6e8b498fda88368a793ee2d5f54802a8e1b37a29bc351dd3538
- Size
  
  398KB
- MD5
  
  9b3d455c66f8ac6ed0bb4c26fa75b917
- SHA1
  
  bbdb6e9e0816dfee1da47b4b4867ee76a41bdf78
- SHA256
  
  18e66666b3a3d6e8b498fda88368a793ee2d5f54802a8e1b37a29bc351dd3538
- SHA512
  
  a2b2288904a7791fdc50efb4086dd0143f1e81e49fc430c159ac1c72f830017454ce4a0400092d301929040ef5241a2a11e995aff6bac4a22b9958c24f0c632c
- SSDEEP
  
  6144:caMLg66AmY8bzVQ3QSRqkHHMkpRizUA58xQ3xDPkMo5zXbAc:NMk6qQAHkHH1/iH58xaxDPyrbA
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer