450898c7ee1b0115ffa054973206fab358e59780550318e92024cd3326a9fd76 | Triage

Sharing

General

Target

450898c7ee1b0115ffa054973206fab358e59780550318e92024cd3326a9fd76
Size

25KB
Sample

230815-f48b3agh53
MD5

d70f9981940b8e2e45d87283a0ed2309
SHA1

fef9d7587cfff2a369d2b40f4c74a1ada1dec578
SHA256

450898c7ee1b0115ffa054973206fab358e59780550318e92024cd3326a9fd76
SHA512

b3959e8193f4488e8bed75bd59c269f28c0b75efef470d7ac29a77211ba3ad47dd48e494ba0426e327b1147c1db7fb3030d3d95031e8d37c4bb8cab40ec06ae0
SSDEEP

384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjvrL:8Q3LotOPNSQVwVVxGKEvKHrVP

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  450898c7ee1b0115ffa054973206fab358e59780550318e92024cd3326a9fd76
- Size
  
  25KB
- MD5
  
  d70f9981940b8e2e45d87283a0ed2309
- SHA1
  
  fef9d7587cfff2a369d2b40f4c74a1ada1dec578
- SHA256
  
  450898c7ee1b0115ffa054973206fab358e59780550318e92024cd3326a9fd76
- SHA512
  
  b3959e8193f4488e8bed75bd59c269f28c0b75efef470d7ac29a77211ba3ad47dd48e494ba0426e327b1147c1db7fb3030d3d95031e8d37c4bb8cab40ec06ae0
- SSDEEP
  
  384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjvrL:8Q3LotOPNSQVwVVxGKEvKHrVP
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer