b171f2ead3f8742a1270463e0187d726a5094902269e4a41ed73b4e0f4dbd1ab | Triage

Sharing

General

Target

b171f2ead3f8742a1270463e0187d726a5094902269e4a41ed73b4e0f4dbd1ab
Size

292KB
Sample

230214-wt131aee8y
MD5

6a47ff8b979b94f4e07677fc044ecf23
SHA1

3150b453c79266bf7048540060457b7228de3145
SHA256

b171f2ead3f8742a1270463e0187d726a5094902269e4a41ed73b4e0f4dbd1ab
SHA512

438a3a39160ff005bbea274711d781f1d72042592ad39faa1907c85dc4afafc49bc1378ac2982207ee340e6b589a5e063573a0fc4d65320a5f600237eb9fe949
SSDEEP

6144:oLtYzs1Z6TSZgSB4mSdIYMDkcYu5DTG1nfkqLaezypLm9670Oj:ohYzCZ6TqV9YgkcL5HGldBKu65

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  b171f2ead3f8742a1270463e0187d726a5094902269e4a41ed73b4e0f4dbd1ab
- Size
  
  292KB
- MD5
  
  6a47ff8b979b94f4e07677fc044ecf23
- SHA1
  
  3150b453c79266bf7048540060457b7228de3145
- SHA256
  
  b171f2ead3f8742a1270463e0187d726a5094902269e4a41ed73b4e0f4dbd1ab
- SHA512
  
  438a3a39160ff005bbea274711d781f1d72042592ad39faa1907c85dc4afafc49bc1378ac2982207ee340e6b589a5e063573a0fc4d65320a5f600237eb9fe949
- SSDEEP
  
  6144:oLtYzs1Z6TSZgSB4mSdIYMDkcYu5DTG1nfkqLaezypLm9670Oj:ohYzCZ6TqV9YgkcL5HGldBKu65
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer