d028c84d3e2dbdbe197788ea520d32bbab7cfa1ba95bc159bdaf77ed80896d39 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d028c84d3e2dbdbe197788ea520d32bbab7cfa1ba95bc159bdaf77ed80896d39
Size

394KB
Sample

230505-2c6vtahc2z
MD5

48bee42650756db6e9501218bbeac23a
SHA1

987533b1b555531ba3a36d86ae00a1e5d6428e34
SHA256

d028c84d3e2dbdbe197788ea520d32bbab7cfa1ba95bc159bdaf77ed80896d39
SHA512

9542392ffb3e709217cf1dbfea9a60a0f7cc99d19ac7bc43ae83680f9b11d6b1aaa3391678f887d667131e1d8bf93cc14abf02011c6e7262fe42da6eb23634bd
SSDEEP

6144:3CxgwPBsUe7KePoy4sPXB7lx2CZK3/xLDqn7b5YCOkq/hGnTQZC2K:3CfPBsR7K4nPXTx+In7PaYnUZC2K

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  d028c84d3e2dbdbe197788ea520d32bbab7cfa1ba95bc159bdaf77ed80896d39
- Size
  
  394KB
- MD5
  
  48bee42650756db6e9501218bbeac23a
- SHA1
  
  987533b1b555531ba3a36d86ae00a1e5d6428e34
- SHA256
  
  d028c84d3e2dbdbe197788ea520d32bbab7cfa1ba95bc159bdaf77ed80896d39
- SHA512
  
  9542392ffb3e709217cf1dbfea9a60a0f7cc99d19ac7bc43ae83680f9b11d6b1aaa3391678f887d667131e1d8bf93cc14abf02011c6e7262fe42da6eb23634bd
- SSDEEP
  
  6144:3CxgwPBsUe7KePoy4sPXB7lx2CZK3/xLDqn7b5YCOkq/hGnTQZC2K:3CfPBsR7K4nPXTx+In7PaYnUZC2K
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer