861fb491a428bedf4581a2e22062cd6b0b483a9727c37cb97dd46ece47853f07 | Triage

Resubmissions

01/04/2023, 21:20

230401-z6wktsec2t 7

01/04/2023, 21:06

230401-zx6dnscg45 7

01/04/2023, 21:02

230401-zvv5xscg36 7

Sharing

Copy URL Twitter E-mail

General

Target

Builder.exe
Size

44.3MB
Sample

230401-zvv5xscg36
MD5

2b3ea74456bb2aaeddeb90438580e72a
SHA1

817a0af8b544ce324dbc1d2635dc2a4a45a8d60f
SHA256

861fb491a428bedf4581a2e22062cd6b0b483a9727c37cb97dd46ece47853f07
SHA512

f82f53e6fc887c3d240189b82859091719d4918fc2cef9831ebb6c215e68e079cd7499e120509b1a40b50c93dd18cf78a2f98b66b172602fcd3f6eba3a68a6c0
SSDEEP

786432:hx7blFrUB+WuAZrY6XGc8ZgvnzLmGg1bWJ:hRblBDWlJJlfvRgNWJ

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Builder.exe
- Size
  
  44.3MB
- MD5
  
  2b3ea74456bb2aaeddeb90438580e72a
- SHA1
  
  817a0af8b544ce324dbc1d2635dc2a4a45a8d60f
- SHA256
  
  861fb491a428bedf4581a2e22062cd6b0b483a9727c37cb97dd46ece47853f07
- SHA512
  
  f82f53e6fc887c3d240189b82859091719d4918fc2cef9831ebb6c215e68e079cd7499e120509b1a40b50c93dd18cf78a2f98b66b172602fcd3f6eba3a68a6c0
- SSDEEP
  
  786432:hx7blFrUB+WuAZrY6XGc8ZgvnzLmGg1bWJ:hRblBDWlJJlfvRgNWJ
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Process Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2