9d621d0ba65534721e901f176d3cfde9bd2e2f975ea2414e65e44b1c29a9d66b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9d621d0ba65534721e901f176d3cfde9bd2e2f975ea2414e65e44b1c29a9d66b
Size

458KB
Sample

230109-qtwkmaed26
MD5

5b317167d91369ae50f422d5c41eeccb
SHA1

19bd4bcecdd0d556f5d20d3aed7da26e41c46692
SHA256

9d621d0ba65534721e901f176d3cfde9bd2e2f975ea2414e65e44b1c29a9d66b
SHA512

157fe0d273cddacdea54629192bc38a541d63191cb7d9a04a60fa065e1d145de1973fccc50bcf3682e86c2e318ef0ae22d5005b69c36c2a1bc1f2b7371ad3094
SSDEEP

12288:2DbCgxMMnNkG8YeIpHuaT46odyuCYeP++gb:2nCgxLuG8aLTdpp2+q

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  9d621d0ba65534721e901f176d3cfde9bd2e2f975ea2414e65e44b1c29a9d66b
- Size
  
  458KB
- MD5
  
  5b317167d91369ae50f422d5c41eeccb
- SHA1
  
  19bd4bcecdd0d556f5d20d3aed7da26e41c46692
- SHA256
  
  9d621d0ba65534721e901f176d3cfde9bd2e2f975ea2414e65e44b1c29a9d66b
- SHA512
  
  157fe0d273cddacdea54629192bc38a541d63191cb7d9a04a60fa065e1d145de1973fccc50bcf3682e86c2e318ef0ae22d5005b69c36c2a1bc1f2b7371ad3094
- SSDEEP
  
  12288:2DbCgxMMnNkG8YeIpHuaT46odyuCYeP++gb:2nCgxLuG8aLTdpp2+q
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer