f2f958748ed4e2ea045ea199926e77a82a7b17c801d9709ad1d485a77232c901 | Triage

Sharing

General

Target

f2f958748ed4e2ea045ea199926e77a82a7b17c801d9709ad1d485a77232c901
Size

373KB
Sample

230724-ppn5bach83
MD5

190a88a1c4798d1dc166375d2fadb207
SHA1

71c62bb7dbd18b8093942fb8f9b4eb4d596e3efe
SHA256

f2f958748ed4e2ea045ea199926e77a82a7b17c801d9709ad1d485a77232c901
SHA512

b6616a5f81e679cb174a8332d50023061732700e5aebb8d65594f9626948dc2d69bbba770915902f8eabda9974ba94354d9802eb980664a5c85557047498b4a9
SSDEEP

6144:CmpwvuLvSGltwuaf2Zu1UOrTiBpDBBI8uI3W0CLp11:BWvuj3HPJmb2pDPIlp

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  f2f958748ed4e2ea045ea199926e77a82a7b17c801d9709ad1d485a77232c901
- Size
  
  373KB
- MD5
  
  190a88a1c4798d1dc166375d2fadb207
- SHA1
  
  71c62bb7dbd18b8093942fb8f9b4eb4d596e3efe
- SHA256
  
  f2f958748ed4e2ea045ea199926e77a82a7b17c801d9709ad1d485a77232c901
- SHA512
  
  b6616a5f81e679cb174a8332d50023061732700e5aebb8d65594f9626948dc2d69bbba770915902f8eabda9974ba94354d9802eb980664a5c85557047498b4a9
- SSDEEP
  
  6144:CmpwvuLvSGltwuaf2Zu1UOrTiBpDBBI8uI3W0CLp11:BWvuj3HPJmb2pDPIlp
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer