199fe2078cbb7162a4081280ad757b73252b218f579517b849677b1c7511db5c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

factura_ITEMFORMACION.com.exe
Size

152KB
Sample

230505-w8brnadh22
MD5

90ed0b8e2fc98e70b8de4e82eee1e0dd
SHA1

fb025ad7a052abe4ec3f0420539c61cb7c047fe5
SHA256

199fe2078cbb7162a4081280ad757b73252b218f579517b849677b1c7511db5c
SHA512

8c67d04e2bf7fddb9c4c1874a684bf8ffd65913e39cf5f4e611bc415074ec6f57d985b4647d789a9d27a1b4d485f55250a495d506b5e003390a0859880a03db4
SSDEEP

3072:k4FYoVT9WRrXShn4JWMt75NZ2DeMbqI7MofJrTXHUasVv2jKn:poznL77ZabeMfx7sVvDn

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  factura_ITEMFORMACION.com.exe
- Size
  
  152KB
- MD5
  
  90ed0b8e2fc98e70b8de4e82eee1e0dd
- SHA1
  
  fb025ad7a052abe4ec3f0420539c61cb7c047fe5
- SHA256
  
  199fe2078cbb7162a4081280ad757b73252b218f579517b849677b1c7511db5c
- SHA512
  
  8c67d04e2bf7fddb9c4c1874a684bf8ffd65913e39cf5f4e611bc415074ec6f57d985b4647d789a9d27a1b4d485f55250a495d506b5e003390a0859880a03db4
- SSDEEP
  
  3072:k4FYoVT9WRrXShn4JWMt75NZ2DeMbqI7MofJrTXHUasVv2jKn:poznL77ZabeMfx7sVvDn
Score

7^/10

spyware stealer
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2