0699e4e73c97a7d4a0e2e84dbd8fadc155971235f077994d3d6bab9d526db9bb | Triage

Sharing

General

Target

0699e4e73c97a7d4a0e2e84dbd8fadc155971235f077994d3d6bab9d526db9bb
Size

185KB
Sample

230209-ra7dfsef75
MD5

5b58c510d1b9aa6eb7973deac9e426b0
SHA1

9944238f4a71a377608aa8dd8459167794acd035
SHA256

0699e4e73c97a7d4a0e2e84dbd8fadc155971235f077994d3d6bab9d526db9bb
SHA512

6dde55d01f597dfb9e2b12d5c71446d54b27bc5787df5034cb9fbf9f0ca779c59d54eac1c8ec45731eef046c9aa7f3dd2fb6bbef21b8d44fb064d66be39a1c97
SSDEEP

3072:fbsT7ek3OdH2cmCpf+LTaqj8iNnRLHh3JJWHhH17Qr1UZ9xA3:fbuvU2VCpGhEHwr1UZ9x

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  0699e4e73c97a7d4a0e2e84dbd8fadc155971235f077994d3d6bab9d526db9bb
- Size
  
  185KB
- MD5
  
  5b58c510d1b9aa6eb7973deac9e426b0
- SHA1
  
  9944238f4a71a377608aa8dd8459167794acd035
- SHA256
  
  0699e4e73c97a7d4a0e2e84dbd8fadc155971235f077994d3d6bab9d526db9bb
- SHA512
  
  6dde55d01f597dfb9e2b12d5c71446d54b27bc5787df5034cb9fbf9f0ca779c59d54eac1c8ec45731eef046c9aa7f3dd2fb6bbef21b8d44fb064d66be39a1c97
- SSDEEP
  
  3072:fbsT7ek3OdH2cmCpf+LTaqj8iNnRLHh3JJWHhH17Qr1UZ9xA3:fbuvU2VCpGhEHwr1UZ9x
Score

8^/10

discovery spyware stealer
- Downloads MZ/PE file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer