c4b1556b4e6200b07fa44d29d460c3036bbf5b4c4902d51fc995f8956315c2fc | Triage

Sharing

General

Target

c4b1556b4e6200b07fa44d29d460c3036bbf5b4c4902d51fc995f8956315c2fc
Size

9.2MB
Sample

230203-m6cfqsef67
MD5

77ab3ef08da5c25a0d2cda9d1e969fd9
SHA1

a25a7835daffcbbf01b09b99a9a7040eef7961d5
SHA256

c4b1556b4e6200b07fa44d29d460c3036bbf5b4c4902d51fc995f8956315c2fc
SHA512

3d673f6d3b29025e249b11ea5344d29b9ecaa09a7c654b2e1a29d585377e7e33921e58b2b8169dd57df8b1db01d4c0a9b11717e2d467d37697937daab77afef8
SSDEEP

196608:8y4k9QT86cvIy/HC2GKStjsMPbvi+6uuge8oxks:2YQw6AIyCvKStJPbvF6ube1k

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  c4b1556b4e6200b07fa44d29d460c3036bbf5b4c4902d51fc995f8956315c2fc
- Size
  
  9.2MB
- MD5
  
  77ab3ef08da5c25a0d2cda9d1e969fd9
- SHA1
  
  a25a7835daffcbbf01b09b99a9a7040eef7961d5
- SHA256
  
  c4b1556b4e6200b07fa44d29d460c3036bbf5b4c4902d51fc995f8956315c2fc
- SHA512
  
  3d673f6d3b29025e249b11ea5344d29b9ecaa09a7c654b2e1a29d585377e7e33921e58b2b8169dd57df8b1db01d4c0a9b11717e2d467d37697937daab77afef8
- SSDEEP
  
  196608:8y4k9QT86cvIy/HC2GKStjsMPbvi+6uuge8oxks:2YQw6AIyCvKStJPbvF6ube1k
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Web Service

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2