ff7982ec2c354f3660e8cb554ee0a2cb1d7e9977359ea4e3126446fceb839b1c | Triage

Sharing

General

Target

ff7982ec2c354f3660e8cb554ee0a2cb1d7e9977359ea4e3126446fceb839b1c
Size

359KB
Sample

230115-rv7jysbg6z
MD5

fa019f492f400817117410efc68217d9
SHA1

9d9efd0c4dab34adbe2262eb4db7a0a1f0bbe23c
SHA256

ff7982ec2c354f3660e8cb554ee0a2cb1d7e9977359ea4e3126446fceb839b1c
SHA512

af2a35d5b5df8c24bc147c02b4ab8552aef0b9593baa05d10113efea092c4749082c3d8f8c128f3f0dc51e667350b322d063969074e5bfc11305626d7ed5184d
SSDEEP

6144:EYAkigCQ5LsgOuQTCJCNE5Ufr30P0rrGiIUWuFn/UNNy:EYjf5LOuQTs35wr30I6iGS8NI

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  ff7982ec2c354f3660e8cb554ee0a2cb1d7e9977359ea4e3126446fceb839b1c
- Size
  
  359KB
- MD5
  
  fa019f492f400817117410efc68217d9
- SHA1
  
  9d9efd0c4dab34adbe2262eb4db7a0a1f0bbe23c
- SHA256
  
  ff7982ec2c354f3660e8cb554ee0a2cb1d7e9977359ea4e3126446fceb839b1c
- SHA512
  
  af2a35d5b5df8c24bc147c02b4ab8552aef0b9593baa05d10113efea092c4749082c3d8f8c128f3f0dc51e667350b322d063969074e5bfc11305626d7ed5184d
- SSDEEP
  
  6144:EYAkigCQ5LsgOuQTCJCNE5Ufr30P0rrGiIUWuFn/UNNy:EYjf5LOuQTs35wr30I6iGS8NI
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer