25e4a522edaed7b5a38ef23b6c893caa0ad4343ddf61f69f720325522f5a69e4 | Triage

Sharing

General

Target

bf39239f0b1526c68de99294e9c8ef5f
Size

601KB
Sample

230309-scsthsch95
MD5

bf39239f0b1526c68de99294e9c8ef5f
SHA1

e56a2e35f28f6b599cad84160693ea9e8a77ee47
SHA256

25e4a522edaed7b5a38ef23b6c893caa0ad4343ddf61f69f720325522f5a69e4
SHA512

a5027d34656d2c222179427418f14c18ada016c1e4734317bc93482e576f3d3bce2f310f087eb9792f1769eaa449c8523cb7a18cd59a3bf315b744c85000d44e
SSDEEP

12288:DHREStiZc6sOPep0zh5Z6SkX/tvH8DWeWS4pp9zFdP2+MlC/m+ADgfcTQt/N6zRH:DHRESwZc6s70

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  bf39239f0b1526c68de99294e9c8ef5f
- Size
  
  601KB
- MD5
  
  bf39239f0b1526c68de99294e9c8ef5f
- SHA1
  
  e56a2e35f28f6b599cad84160693ea9e8a77ee47
- SHA256
  
  25e4a522edaed7b5a38ef23b6c893caa0ad4343ddf61f69f720325522f5a69e4
- SHA512
  
  a5027d34656d2c222179427418f14c18ada016c1e4734317bc93482e576f3d3bce2f310f087eb9792f1769eaa449c8523cb7a18cd59a3bf315b744c85000d44e
- SSDEEP
  
  12288:DHREStiZc6sOPep0zh5Z6SkX/tvH8DWeWS4pp9zFdP2+MlC/m+ADgfcTQt/N6zRH:DHRESwZc6s70
Score

8^/10

spyware stealer
- Downloads MZ/PE file
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2