45e9c0fdac110e206f82154251e93311a2d7247266feae48c44dd9c17bc209d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TeamViewerQS_win.exe
Size

8.1MB
Sample

230614-h7c2faed5x
MD5

b71b88b2b5310b90b8e6301ae8597a12
SHA1

11c7976780d54297355e8c3491bb16efe41c3647
SHA256

45e9c0fdac110e206f82154251e93311a2d7247266feae48c44dd9c17bc209d5
SHA512

90c745f0ff8247fbc5ef70dc5ffe0621fc79d82e7006617b74e80c05848d32be3c98c17520f662ea639066c70312ca08f7ed87b67184938e9b9cee30bacfe1aa
SSDEEP

196608:uyTuuE3PNNqe7kEIYmLg3TN8Qd7Kg0oZbPYcz6TX7:nTwPNEeIpRc3Z1kg0oBQcGr

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  TeamViewerQS_win.exe
- Size
  
  8.1MB
- MD5
  
  b71b88b2b5310b90b8e6301ae8597a12
- SHA1
  
  11c7976780d54297355e8c3491bb16efe41c3647
- SHA256
  
  45e9c0fdac110e206f82154251e93311a2d7247266feae48c44dd9c17bc209d5
- SHA512
  
  90c745f0ff8247fbc5ef70dc5ffe0621fc79d82e7006617b74e80c05848d32be3c98c17520f662ea639066c70312ca08f7ed87b67184938e9b9cee30bacfe1aa
- SSDEEP
  
  196608:uyTuuE3PNNqe7kEIYmLg3TN8Qd7Kg0oZbPYcz6TX7:nTwPNEeIpRc3Z1kg0oBQcGr
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2