18dfa886e69641bb8e681733a3be42d153d734e1e103910cde2143fe9fd5c09b | Triage

Sharing

General

Target

18dfa886e69641bb8e681733a3be42d153d734e1e103910cde2143fe9fd5c09b
Size

296KB
Sample

230130-mrrbcaaa97
MD5

eb81124b38dd017142823cd505d53c11
SHA1

44bc9bb37e396b730c4493e240fa18fc4fba5e3d
SHA256

18dfa886e69641bb8e681733a3be42d153d734e1e103910cde2143fe9fd5c09b
SHA512

582c1f64c7d5574151dcc6839ed21e0b5eb60b6ff46ff3e0510ac5f8b530193e35442a47fb9c13da57f0eba7dc0fb69547b644cddcd3c063063e1d4150fa9e85
SSDEEP

6144:4x3LHWuKvAFArWfYj5+Ky7Y0Q1FaIJLVYFnWhzlzfzH:4VDWuKvuiWwwZ7YrFaIFcnWhzlzfzH

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  18dfa886e69641bb8e681733a3be42d153d734e1e103910cde2143fe9fd5c09b
- Size
  
  296KB
- MD5
  
  eb81124b38dd017142823cd505d53c11
- SHA1
  
  44bc9bb37e396b730c4493e240fa18fc4fba5e3d
- SHA256
  
  18dfa886e69641bb8e681733a3be42d153d734e1e103910cde2143fe9fd5c09b
- SHA512
  
  582c1f64c7d5574151dcc6839ed21e0b5eb60b6ff46ff3e0510ac5f8b530193e35442a47fb9c13da57f0eba7dc0fb69547b644cddcd3c063063e1d4150fa9e85
- SSDEEP
  
  6144:4x3LHWuKvAFArWfYj5+Ky7Y0Q1FaIJLVYFnWhzlzfzH:4VDWuKvuiWwwZ7YrFaIFcnWhzlzfzH
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer