ab3e12a6211b890a5bd766723953cb18822c85902a2d81463d1b9f58551c67c6 | Triage

Sharing

General

Target

ab3e12a6211b890a5bd766723953cb18822c85902a2d81463d1b9f58551c67c6
Size

5.5MB
Sample

230610-yen61agd5z
MD5

1864bad60a4dd284ab7387fb713db447
SHA1

ef9f00670d6fe9dc2a9572c8c0bfb7f54f816d8e
SHA256

ab3e12a6211b890a5bd766723953cb18822c85902a2d81463d1b9f58551c67c6
SHA512

32c34bfe5fca0e23d202042f7de3195a8fb90521e638d5b414c823c165d398066f3eb865fbc2657a55b0f8d2f0d2418728730bedb423acd7bc213b8d9a1fefcb
SSDEEP

98304:FyiNIYiwOBpIeWRsTpLhd872XEzeBbbUkVVkfhoPGYD0/r0g:ni1zwRsTpVd877zEbQhocn

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  ab3e12a6211b890a5bd766723953cb18822c85902a2d81463d1b9f58551c67c6
- Size
  
  5.5MB
- MD5
  
  1864bad60a4dd284ab7387fb713db447
- SHA1
  
  ef9f00670d6fe9dc2a9572c8c0bfb7f54f816d8e
- SHA256
  
  ab3e12a6211b890a5bd766723953cb18822c85902a2d81463d1b9f58551c67c6
- SHA512
  
  32c34bfe5fca0e23d202042f7de3195a8fb90521e638d5b414c823c165d398066f3eb865fbc2657a55b0f8d2f0d2418728730bedb423acd7bc213b8d9a1fefcb
- SSDEEP
  
  98304:FyiNIYiwOBpIeWRsTpLhd872XEzeBbbUkVVkfhoPGYD0/r0g:ni1zwRsTpVd877zEbQhocn
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer