234285bf25600383d245973a6567e7c2acdb125c6471eb377842503fd25239fe | Triage

Sharing

General

Target

Microsoft Toolkit.exe
Size

1.1MB
Sample

230316-yztbfscf77
MD5

371736712388ceda55cd2175282bfc86
SHA1

36ae0978ff85f892dfe1cc5a2af5bc3c93b1dfed
SHA256

234285bf25600383d245973a6567e7c2acdb125c6471eb377842503fd25239fe
SHA512

871bd5eae3813c1b4ed7d065d58a394dd8d2d24a835d07dbc1780d57a1a78ac9ca6e839393e7fec69ceffc0e53e3ee3c88e5f23801c0f5aac23288bf4454c50c
SSDEEP

24576:WxG3B/YkCWHVyvK6TqFfx/2tDw/F8WehDPQNv+J:72kCW1m/G/2t0uTFA+J

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Microsoft Toolkit.exe
- Size
  
  1.1MB
- MD5
  
  371736712388ceda55cd2175282bfc86
- SHA1
  
  36ae0978ff85f892dfe1cc5a2af5bc3c93b1dfed
- SHA256
  
  234285bf25600383d245973a6567e7c2acdb125c6471eb377842503fd25239fe
- SHA512
  
  871bd5eae3813c1b4ed7d065d58a394dd8d2d24a835d07dbc1780d57a1a78ac9ca6e839393e7fec69ceffc0e53e3ee3c88e5f23801c0f5aac23288bf4454c50c
- SSDEEP
  
  24576:WxG3B/YkCWHVyvK6TqFfx/2tDw/F8WehDPQNv+J:72kCW1m/G/2t0uTFA+J
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2