874bbc6a06fc963767d5c996516bc205bbe086440e6714284a063421302c1268 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

874bbc6a06fc963767d5c996516bc205bbe086440e6714284a063421302c1268
Size

412KB
Sample

221229-xnv58sha9y
MD5

e393147b396667f4c7a203bd8b78cea9
SHA1

d576c57f332f40a66115b7b47d57d4188b1b1589
SHA256

874bbc6a06fc963767d5c996516bc205bbe086440e6714284a063421302c1268
SHA512

4899a55a6a21830c89f7f6cc731e901cb39375864bf2e6b638ecf839cd3962b165a524761d2b6586b3866a0dacffc349fa4070589b998b29f0848d98a34cbff9
SSDEEP

6144:2LSu+RnMMX0172giqHHGOXxYL6yJqQu7CX0yIxZ1WqqdSJ9R:2+nJXO72ROBk6yJqQu7VdYS

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  874bbc6a06fc963767d5c996516bc205bbe086440e6714284a063421302c1268
- Size
  
  412KB
- MD5
  
  e393147b396667f4c7a203bd8b78cea9
- SHA1
  
  d576c57f332f40a66115b7b47d57d4188b1b1589
- SHA256
  
  874bbc6a06fc963767d5c996516bc205bbe086440e6714284a063421302c1268
- SHA512
  
  4899a55a6a21830c89f7f6cc731e901cb39375864bf2e6b638ecf839cd3962b165a524761d2b6586b3866a0dacffc349fa4070589b998b29f0848d98a34cbff9
- SSDEEP
  
  6144:2LSu+RnMMX0172giqHHGOXxYL6yJqQu7CX0yIxZ1WqqdSJ9R:2+nJXO72ROBk6yJqQu7VdYS
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer