0438f438d56ec04bbbdb94ab0ebe436b2f75490b32638ea57cd65809055a072c | Triage

Sharing

General

Target

0438f438d56ec04bbbdb94ab0ebe436b2f75490b32638ea57cd65809055a072c
Size

413KB
Sample

230113-elh4sahg6x
MD5

86b2eff03f449de39aeb77c86c4fb8a2
SHA1

eb60e9ef2cb986c70ffaccb90613f382039cf4da
SHA256

0438f438d56ec04bbbdb94ab0ebe436b2f75490b32638ea57cd65809055a072c
SHA512

c19671b9a23453d6eedc05ab663acc962e10babf8a08628c6e0af595400410292fea4c9d9bb81fce855313c32b621cd4fada0d000f1c17a4c67336d409dea448
SSDEEP

6144:nncfNdpbd+de/AWzVYZ/YTpjo1QOO+TqjiWltYaNsDTb0DxTTut2C6wUR:nncfNd6ezVYZwTpjpw6Jvmb09XWdKR

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  0438f438d56ec04bbbdb94ab0ebe436b2f75490b32638ea57cd65809055a072c
- Size
  
  413KB
- MD5
  
  86b2eff03f449de39aeb77c86c4fb8a2
- SHA1
  
  eb60e9ef2cb986c70ffaccb90613f382039cf4da
- SHA256
  
  0438f438d56ec04bbbdb94ab0ebe436b2f75490b32638ea57cd65809055a072c
- SHA512
  
  c19671b9a23453d6eedc05ab663acc962e10babf8a08628c6e0af595400410292fea4c9d9bb81fce855313c32b621cd4fada0d000f1c17a4c67336d409dea448
- SSDEEP
  
  6144:nncfNdpbd+de/AWzVYZ/YTpjo1QOO+TqjiWltYaNsDTb0DxTTut2C6wUR:nncfNd6ezVYZwTpjpw6Jvmb09XWdKR
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer