5a4cb34d23d9400056ecb3a6a601eb14481da673f95a9551110fce29798343d9 | Triage

Sharing

General

Target

5a4cb34d23d9400056ecb3a6a601eb14481da673f95a9551110fce29798343d9
Size

488KB
Sample

230420-l15pnaba9s
MD5

c36d63d74c902ed00aa0e2cb4a40eb59
SHA1

46edea1f2eac09b05c592f4afccd995976e90637
SHA256

5a4cb34d23d9400056ecb3a6a601eb14481da673f95a9551110fce29798343d9
SHA512

3c17261fae5d8372469188865a83e61db78ba10da4b1659cbddb917c1bd28fa4ce2d6eb7f9ec63a5e6153eaf6d5222f533684e98f0c691fbe534eb6ac2b62d15
SSDEEP

6144:hHn/LvKZQB/c0JAwqHXSSqmhFRA1Q9sDI7qcT9XdWU0BplgMr9nBCmR:hHDiZs/TmJXnqoF6aIIGu9XdkpfrNb

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  5a4cb34d23d9400056ecb3a6a601eb14481da673f95a9551110fce29798343d9
- Size
  
  488KB
- MD5
  
  c36d63d74c902ed00aa0e2cb4a40eb59
- SHA1
  
  46edea1f2eac09b05c592f4afccd995976e90637
- SHA256
  
  5a4cb34d23d9400056ecb3a6a601eb14481da673f95a9551110fce29798343d9
- SHA512
  
  3c17261fae5d8372469188865a83e61db78ba10da4b1659cbddb917c1bd28fa4ce2d6eb7f9ec63a5e6153eaf6d5222f533684e98f0c691fbe534eb6ac2b62d15
- SSDEEP
  
  6144:hHn/LvKZQB/c0JAwqHXSSqmhFRA1Q9sDI7qcT9XdWU0BplgMr9nBCmR:hHDiZs/TmJXnqoF6aIIGu9XdkpfrNb
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer