381e884829e765cbdf83184324a99abe61715781665da56d7e6700f01e3912a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

sample.exe
Size

75.8MB
Sample

230324-zh5htsbd7s
MD5

f7d1571fbbdc6a510ff26daeed172170
SHA1

f9a151c5655ce5ee95734665281298943a88f23b
SHA256

381e884829e765cbdf83184324a99abe61715781665da56d7e6700f01e3912a1
SHA512

91f9d0564848b298562e6b2b29adfe70d060eb950345cf12669f8e55a9f5b4c60fd6ea647fa8d6d9905e1e2bf0d36a43247ed63592a5f9c2e526cc89a5ab85c0
SSDEEP

786432:0zSNJtWyuoRCx4Col4rMmEyCc3siXMkSY/I8:0GNJrl4rMp4JnI8

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  sample.exe
- Size
  
  75.8MB
- MD5
  
  f7d1571fbbdc6a510ff26daeed172170
- SHA1
  
  f9a151c5655ce5ee95734665281298943a88f23b
- SHA256
  
  381e884829e765cbdf83184324a99abe61715781665da56d7e6700f01e3912a1
- SHA512
  
  91f9d0564848b298562e6b2b29adfe70d060eb950345cf12669f8e55a9f5b4c60fd6ea647fa8d6d9905e1e2bf0d36a43247ed63592a5f9c2e526cc89a5ab85c0
- SSDEEP
  
  786432:0zSNJtWyuoRCx4Col4rMmEyCc3siXMkSY/I8:0GNJrl4rMp4JnI8
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2