8860e1765db3dca11809c9e95b5812a8bd0c93020467e21b3ade31f5edbd1109 | Triage

Sharing

General

Target

8860e1765db3dca11809c9e95b5812a8bd0c93020467e21b3ade31f5edbd1109
Size

384KB
Sample

230108-tf2q9shd8t
MD5

55ae8d6ed5d95d60eec711b19b66ea5a
SHA1

4390917838bf5a9472bd44d29217e097634ecec9
SHA256

8860e1765db3dca11809c9e95b5812a8bd0c93020467e21b3ade31f5edbd1109
SHA512

7af64ec19eb55916a9fb7dc8a7fb126d8451e8710e6f13a1c1a4f2ef9c20550b4dbce5cb4d7e8badebccebb2fadc6cde8d16349211f23d386443bf76b935ac74
SSDEEP

6144:xeLcAb2GeeI3ydkae/rEM4NvDR5B8hJ/QSapRJbnKFdc2BIRNDOuN:xegAb2GE3P7/rEM49Dv22zn2dDBsJ

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  8860e1765db3dca11809c9e95b5812a8bd0c93020467e21b3ade31f5edbd1109
- Size
  
  384KB
- MD5
  
  55ae8d6ed5d95d60eec711b19b66ea5a
- SHA1
  
  4390917838bf5a9472bd44d29217e097634ecec9
- SHA256
  
  8860e1765db3dca11809c9e95b5812a8bd0c93020467e21b3ade31f5edbd1109
- SHA512
  
  7af64ec19eb55916a9fb7dc8a7fb126d8451e8710e6f13a1c1a4f2ef9c20550b4dbce5cb4d7e8badebccebb2fadc6cde8d16349211f23d386443bf76b935ac74
- SSDEEP
  
  6144:xeLcAb2GeeI3ydkae/rEM4NvDR5B8hJ/QSapRJbnKFdc2BIRNDOuN:xegAb2GE3P7/rEM49Dv22zn2dDBsJ
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer