ca3def819c788dd6ba706a2d4d22b0d4ae5ca989df8c2737ed9fd2b79bc46d00 | Triage

Sharing

General

Target

86c_dump_64.exe
Size

756KB
Sample

230821-jjjpradd6y
MD5

e3519a30942e85e5f93f9e0845cd6dc3
SHA1

216afd3d677a61a247b3344c9b2d296dfc338519
SHA256

ca3def819c788dd6ba706a2d4d22b0d4ae5ca989df8c2737ed9fd2b79bc46d00
SHA512

bf07805eb54f5099797797d88d5f7bca2a2d0335dedcccc70a33b4c76656298243da156eebc8d193aa66393fe8fcdb4711a3586acf68273ed2dce526b11275b8
SSDEEP

12288:OxM8HqxlzIKsVccJIiqq5voUz5s3nIBrJwvLivK7goiGm9z8Ma:GMnxzWmil35s3IBJYivK7g0Q8

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  86c_dump_64.exe
- Size
  
  756KB
- MD5
  
  e3519a30942e85e5f93f9e0845cd6dc3
- SHA1
  
  216afd3d677a61a247b3344c9b2d296dfc338519
- SHA256
  
  ca3def819c788dd6ba706a2d4d22b0d4ae5ca989df8c2737ed9fd2b79bc46d00
- SHA512
  
  bf07805eb54f5099797797d88d5f7bca2a2d0335dedcccc70a33b4c76656298243da156eebc8d193aa66393fe8fcdb4711a3586acf68273ed2dce526b11275b8
- SSDEEP
  
  12288:OxM8HqxlzIKsVccJIiqq5voUz5s3nIBrJwvLivK7goiGm9z8Ma:GMnxzWmil35s3IBJYivK7g0Q8
Score

7^/10

spyware stealer
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2