bfc40f821bc86faf61aa929f3bad576c873bdf751172a4963bce0405ddff55cb | Triage

Sharing

General

Target

bfc40f821bc86faf61aa929f3bad576c873bdf751172a4963bce0405ddff55cb
Size

474KB
Sample

230125-nq81fafh35
MD5

4eabeaec81d686af107f7b1ad4e4573a
SHA1

cc05ce25fc12f65b04478d294e52a357f8dde657
SHA256

bfc40f821bc86faf61aa929f3bad576c873bdf751172a4963bce0405ddff55cb
SHA512

cc6aee82db7ad977b27851776aee894d3594e3610bd22907b9edbaa931289a2372e2da9a0e6b0ce0edbbc9a344e11d356cc02e642f9c8a4b5b1b6c386e098a6a
SSDEEP

6144:6LWRewb8LSux1NrTNCclFzJTlp7PJyJ2RVBziCNVNXBSjq7VWRFBMolz90PM:6aR5mdCcl9BlNsAHeIR7VWR5lzqM

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  bfc40f821bc86faf61aa929f3bad576c873bdf751172a4963bce0405ddff55cb
- Size
  
  474KB
- MD5
  
  4eabeaec81d686af107f7b1ad4e4573a
- SHA1
  
  cc05ce25fc12f65b04478d294e52a357f8dde657
- SHA256
  
  bfc40f821bc86faf61aa929f3bad576c873bdf751172a4963bce0405ddff55cb
- SHA512
  
  cc6aee82db7ad977b27851776aee894d3594e3610bd22907b9edbaa931289a2372e2da9a0e6b0ce0edbbc9a344e11d356cc02e642f9c8a4b5b1b6c386e098a6a
- SSDEEP
  
  6144:6LWRewb8LSux1NrTNCclFzJTlp7PJyJ2RVBziCNVNXBSjq7VWRFBMolz90PM:6aR5mdCcl9BlNsAHeIR7VWR5lzqM
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer