16bc432fb8bd0b28cc9964382523f9c18415c7188f629b1a1b865acea7e07b09 | Triage

Sharing

General

Target

16bc432fb8bd0b28cc9964382523f9c18415c7188f629b1a1b865acea7e07b09exe_JC.exe
Size

248KB
Sample

230802-vbbjysfg66
MD5

88bedbff7827e7d863863bdcd70bda70
SHA1

317e9765d78de2e4ee1e4beb3ffd5016d1379266
SHA256

16bc432fb8bd0b28cc9964382523f9c18415c7188f629b1a1b865acea7e07b09
SHA512

b0c542a788cf85fc38ecce7797c6879081b114bb1c143acb2df4e45a7319778d1f3496d96f84b4d169959e978d031e84b164f531785a6e50b2c119b63dfd0c9b
SSDEEP

3072:s7wWorZg2aH3hHj3gUqJ/qfddLsaezjT+criM3b3sFJSKAyGDU5h:s7botg2aXsJyfbLsaQiMjszSKAM5

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  16bc432fb8bd0b28cc9964382523f9c18415c7188f629b1a1b865acea7e07b09exe_JC.exe
- Size
  
  248KB
- MD5
  
  88bedbff7827e7d863863bdcd70bda70
- SHA1
  
  317e9765d78de2e4ee1e4beb3ffd5016d1379266
- SHA256
  
  16bc432fb8bd0b28cc9964382523f9c18415c7188f629b1a1b865acea7e07b09
- SHA512
  
  b0c542a788cf85fc38ecce7797c6879081b114bb1c143acb2df4e45a7319778d1f3496d96f84b4d169959e978d031e84b164f531785a6e50b2c119b63dfd0c9b
- SSDEEP
  
  3072:s7wWorZg2aH3hHj3gUqJ/qfddLsaezjT+criM3b3sFJSKAyGDU5h:s7botg2aXsJyfbLsaQiMjszSKAM5
Score

7^/10

spyware stealer
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2