226f5d36ca380bc5ebfeec857ca3e381214f734cfb5da55ffe391ff2a46a1589 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

226f5d36ca380bc5ebfeec857ca3e381214f734cfb5da55ffe391ff2a46a1589
Size

331KB
Sample

230605-qj9dqshd4y
MD5

0e6d98cd1506380f558b444cbddc0d07
SHA1

588693195849c75389317980dd5f4ca179fc573c
SHA256

226f5d36ca380bc5ebfeec857ca3e381214f734cfb5da55ffe391ff2a46a1589
SHA512

14cfec423f609bb643d4b729461b38148e2aa8b1a426b8280a9d7a82d37dbd2be8f3a9eed0a9bbfee604ca5c37e29db6a6073a480bb333fd88d908236888e5be
SSDEEP

3072:WX1419Ufftaf4RGAtqb5FULXYJlVbpXg1o1lIPM6t1uGEQzLMt/FHi8oiXw/XQia:++1W84wl2r6XpXgjHpPCFC81w/kp

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  226f5d36ca380bc5ebfeec857ca3e381214f734cfb5da55ffe391ff2a46a1589
- Size
  
  331KB
- MD5
  
  0e6d98cd1506380f558b444cbddc0d07
- SHA1
  
  588693195849c75389317980dd5f4ca179fc573c
- SHA256
  
  226f5d36ca380bc5ebfeec857ca3e381214f734cfb5da55ffe391ff2a46a1589
- SHA512
  
  14cfec423f609bb643d4b729461b38148e2aa8b1a426b8280a9d7a82d37dbd2be8f3a9eed0a9bbfee604ca5c37e29db6a6073a480bb333fd88d908236888e5be
- SSDEEP
  
  3072:WX1419Ufftaf4RGAtqb5FULXYJlVbpXg1o1lIPM6t1uGEQzLMt/FHi8oiXw/XQia:++1W84wl2r6XpXgjHpPCFC81w/kp
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer