b5d683e0f613993f4cb13df31a212c1e899fe5e64db5e7e9c3b89c0a26a1948a | Triage

Sharing

General

Target

Setup_WinThruster_2023.exe
Size

7.3MB
Sample

230803-p1kk9sdc53
MD5

31de300c38802ca43c76791fbd9188ca
SHA1

15ef23d6b99e12f4211b5725e0d82d66047e4031
SHA256

b5d683e0f613993f4cb13df31a212c1e899fe5e64db5e7e9c3b89c0a26a1948a
SHA512

67a86e0611e9c9482989237310fe9357e1aaf938a48577cec1cd2196eb756a6aa45369c88fb21000b57f4e14083c165169c4d9b5682fdd526758a9125289765a
SSDEEP

98304:PSiARkjZT+L9iSXS/YdisnD7Jxm36C5F5nLZzy/FyBBhRazbNF3y0HWRR4GyzWDK:gJpC/YdyRnnLZzyAL633r2R2GySHG

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  Setup_WinThruster_2023.exe
- Size
  
  7.3MB
- MD5
  
  31de300c38802ca43c76791fbd9188ca
- SHA1
  
  15ef23d6b99e12f4211b5725e0d82d66047e4031
- SHA256
  
  b5d683e0f613993f4cb13df31a212c1e899fe5e64db5e7e9c3b89c0a26a1948a
- SHA512
  
  67a86e0611e9c9482989237310fe9357e1aaf938a48577cec1cd2196eb756a6aa45369c88fb21000b57f4e14083c165169c4d9b5682fdd526758a9125289765a
- SSDEEP
  
  98304:PSiARkjZT+L9iSXS/YdisnD7Jxm36C5F5nLZzy/FyBBhRazbNF3y0HWRR4GyzWDK:gJpC/YdyRnnLZzyAL633r2R2GySHG
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer