ad50b5b800c5b390e8e65521789d101bf468176808d468da776b12c61f43b5c6 | Triage

Sharing

General

Target

ad50b5b800c5b390e8e65521789d101bf468176808d468da776b12c61f43b5c6
Size

335KB
Sample

230201-tpc49sce6y
MD5

bbe48bfd4070fad15961d6a923088b66
SHA1

79f9bf4c5d7c3b527904836b7c2f376214b73f26
SHA256

ad50b5b800c5b390e8e65521789d101bf468176808d468da776b12c61f43b5c6
SHA512

9c6250fc9af68db8a3c06d140d1ddc85db0246bf97ab8bc897df0b1b31523106998aaa283134701b3cea857842d547c79d0b1e77c5ecf214fb9b97b0b07cd7ce
SSDEEP

6144:MqohztwLj0lCDHE+ZKQSvjcrXMlUXID5OB:MqChw30lcsrLYXMl7U

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  ad50b5b800c5b390e8e65521789d101bf468176808d468da776b12c61f43b5c6
- Size
  
  335KB
- MD5
  
  bbe48bfd4070fad15961d6a923088b66
- SHA1
  
  79f9bf4c5d7c3b527904836b7c2f376214b73f26
- SHA256
  
  ad50b5b800c5b390e8e65521789d101bf468176808d468da776b12c61f43b5c6
- SHA512
  
  9c6250fc9af68db8a3c06d140d1ddc85db0246bf97ab8bc897df0b1b31523106998aaa283134701b3cea857842d547c79d0b1e77c5ecf214fb9b97b0b07cd7ce
- SSDEEP
  
  6144:MqohztwLj0lCDHE+ZKQSvjcrXMlUXID5OB:MqChw30lcsrLYXMl7U
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer