35ee95623d1fc8166a773f25f9e8a4c26a5c9b583e897a499aaf96a03dba2fd5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Confirmation_10Feb2023_102510.exe
Size

736KB
Sample

230210-rpprysdc76
MD5

7cfb8021bf676f15ee5232ee793bdf7d
SHA1

4904fd2d88cfdfcfca8a0b0ef855142792cc55a5
SHA256

35ee95623d1fc8166a773f25f9e8a4c26a5c9b583e897a499aaf96a03dba2fd5
SHA512

f8f0a48256e252e7c53b6d9147260553c5e755cfeb9bec2f2f28cc45050e5cf647f89ada36db87813885b92beeacf5ad88a91ee828268b547347d67cd445044c
SSDEEP

12288:3TqWinskP5tlFjD2zEl3HB2jC37DXjbMppIp7KmmeyrJ:DqNnskBtlFjD2zExsC37TvMppIMukJ

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Confirmation_10Feb2023_102510.exe
- Size
  
  736KB
- MD5
  
  7cfb8021bf676f15ee5232ee793bdf7d
- SHA1
  
  4904fd2d88cfdfcfca8a0b0ef855142792cc55a5
- SHA256
  
  35ee95623d1fc8166a773f25f9e8a4c26a5c9b583e897a499aaf96a03dba2fd5
- SHA512
  
  f8f0a48256e252e7c53b6d9147260553c5e755cfeb9bec2f2f28cc45050e5cf647f89ada36db87813885b92beeacf5ad88a91ee828268b547347d67cd445044c
- SSDEEP
  
  12288:3TqWinskP5tlFjD2zEl3HB2jC37DXjbMppIp7KmmeyrJ:DqNnskBtlFjD2zExsC37TvMppIMukJ
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2