45816853564f3cb2f53bc215ff6cfa4454205cf49f60615ec6c862b07ba470af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45816853564f3cb2f53bc215ff6cfa4454205cf49f60615ec6c862b07ba470af
Size

395KB
Sample

230131-s66x8sgh89
MD5

c36f59d126a9e239893679807a90a64a
SHA1

37d9cee135993678e5f6e947a0834da13ea6f719
SHA256

45816853564f3cb2f53bc215ff6cfa4454205cf49f60615ec6c862b07ba470af
SHA512

d90a47e2d0ccda07b4540c40e9ee86e390488a1db20dec499e2549e11158025df274efc18f1999488a84b4970bb302c5cd10ef319d9e90d75e6e0b96ce70360a
SSDEEP

6144:UWcoLnVVjmozHofaerKgcUCmwrTrii0ralGXmqMoIGc8M:jP7EVKgjurTriO4WqM4c

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  45816853564f3cb2f53bc215ff6cfa4454205cf49f60615ec6c862b07ba470af
- Size
  
  395KB
- MD5
  
  c36f59d126a9e239893679807a90a64a
- SHA1
  
  37d9cee135993678e5f6e947a0834da13ea6f719
- SHA256
  
  45816853564f3cb2f53bc215ff6cfa4454205cf49f60615ec6c862b07ba470af
- SHA512
  
  d90a47e2d0ccda07b4540c40e9ee86e390488a1db20dec499e2549e11158025df274efc18f1999488a84b4970bb302c5cd10ef319d9e90d75e6e0b96ce70360a
- SSDEEP
  
  6144:UWcoLnVVjmozHofaerKgcUCmwrTrii0ralGXmqMoIGc8M:jP7EVKgjurTriO4WqM4c
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer