63980da9dee9d4b423054143063142035540b6b77c561ee1e666fa81e6a2fa5a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63980da9dee9d4b423054143063142035540b6b77c561ee1e666fa81e6a2fa5a
Size

417KB
Sample

230113-seh24ahg48
MD5

92d4c5b1217e553f4ff8497384e11638
SHA1

7db69fd50ed1c16087db7f7d3a588b47ef4244d8
SHA256

63980da9dee9d4b423054143063142035540b6b77c561ee1e666fa81e6a2fa5a
SHA512

23fd8336a4b102f8dbdd9da15c9ed99dc5634dbb295861153b33c0e4cada24d5021b9b58ad88c0fef33ed9909e9539e57bd093f6451d4f9fcaf18b0ea4cfeb76
SSDEEP

12288:1jn6uzdTq1m2iGYFJvkvEGCe3dB+h2SRQZ9P3A:1Bxm1m2i3FFAIeuhUZ9Y

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  63980da9dee9d4b423054143063142035540b6b77c561ee1e666fa81e6a2fa5a
- Size
  
  417KB
- MD5
  
  92d4c5b1217e553f4ff8497384e11638
- SHA1
  
  7db69fd50ed1c16087db7f7d3a588b47ef4244d8
- SHA256
  
  63980da9dee9d4b423054143063142035540b6b77c561ee1e666fa81e6a2fa5a
- SHA512
  
  23fd8336a4b102f8dbdd9da15c9ed99dc5634dbb295861153b33c0e4cada24d5021b9b58ad88c0fef33ed9909e9539e57bd093f6451d4f9fcaf18b0ea4cfeb76
- SSDEEP
  
  12288:1jn6uzdTq1m2iGYFJvkvEGCe3dB+h2SRQZ9P3A:1Bxm1m2i3FFAIeuhUZ9Y
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer