f30668428582321e35956e197cb51ebf64b052dca0c58c1f21f870276716d546 | Triage

Sharing

General

Target

1025416692.exe
Size

518KB
Sample

230307-v4vtasad7x
MD5

af6988c2ca6ee2d42655d3dd9308e8cf
SHA1

1cc3483103670185d7daa9f612a5bac07068c120
SHA256

f30668428582321e35956e197cb51ebf64b052dca0c58c1f21f870276716d546
SHA512

e2acc713280e0f70ecec06b655610a489ac2ab93f8eba7975291f1a2cba783d759b2a9dd68d0b2f1d00b9b6b6e933c9fa0bef3fa193409e3a08787973562ecd2
SSDEEP

12288:QX8vx3NxrCTWXj3hdg1+Folbbi5FEpyMDVoMzSsALDwo2+0pS:QCNx3j3hKkFqb0mnVoM+DwU8S

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  1025416692.exe
- Size
  
  518KB
- MD5
  
  af6988c2ca6ee2d42655d3dd9308e8cf
- SHA1
  
  1cc3483103670185d7daa9f612a5bac07068c120
- SHA256
  
  f30668428582321e35956e197cb51ebf64b052dca0c58c1f21f870276716d546
- SHA512
  
  e2acc713280e0f70ecec06b655610a489ac2ab93f8eba7975291f1a2cba783d759b2a9dd68d0b2f1d00b9b6b6e933c9fa0bef3fa193409e3a08787973562ecd2
- SSDEEP
  
  12288:QX8vx3NxrCTWXj3hdg1+Folbbi5FEpyMDVoMzSsALDwo2+0pS:QCNx3j3hKkFqb0mnVoM+DwU8S
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2