ab6559954d55a5aba81d4f41a5e2abbf1fdb3c8a1ca51380458eec4e9dea8ab0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab6559954d55a5aba81d4f41a5e2abbf1fdb3c8a1ca51380458eec4e9dea8ab0
Size

486KB
Sample

230412-tfstcsdc65
MD5

53e44f983091803095a1071a6a3c8d6c
SHA1

be397951ebbdb5691711b135e6792d4bafc0950a
SHA256

ab6559954d55a5aba81d4f41a5e2abbf1fdb3c8a1ca51380458eec4e9dea8ab0
SHA512

436228685c80d79d531bcdce5769ba5814cc3e226d609b73bc93dc403e24154363d605850a1ca6bacc463d3208d46005d5608c776e583be73ae642d9ee0a29e6
SSDEEP

12288:CF7n35lg0tldNqIGDGcBuSVyUjanrmceDBCVr:CpnjXqIFvOTCV

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  ab6559954d55a5aba81d4f41a5e2abbf1fdb3c8a1ca51380458eec4e9dea8ab0
- Size
  
  486KB
- MD5
  
  53e44f983091803095a1071a6a3c8d6c
- SHA1
  
  be397951ebbdb5691711b135e6792d4bafc0950a
- SHA256
  
  ab6559954d55a5aba81d4f41a5e2abbf1fdb3c8a1ca51380458eec4e9dea8ab0
- SHA512
  
  436228685c80d79d531bcdce5769ba5814cc3e226d609b73bc93dc403e24154363d605850a1ca6bacc463d3208d46005d5608c776e583be73ae642d9ee0a29e6
- SSDEEP
  
  12288:CF7n35lg0tldNqIGDGcBuSVyUjanrmceDBCVr:CpnjXqIFvOTCV
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer