44d775feeb97f7dd148f6e7360b0a13bda2bec2339f09b873d739832d59568fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21e027f6b9ac8a75e11858285d5bf3ab.exe
Size

388KB
Sample

230826-yerbcsef7z
MD5

21e027f6b9ac8a75e11858285d5bf3ab
SHA1

f96c63a3856c581a51543449bf0a7ac7e9a0356f
SHA256

44d775feeb97f7dd148f6e7360b0a13bda2bec2339f09b873d739832d59568fc
SHA512

ad8eca15cc44e6f5e61d5df3c71fa6254d17077e8c6ec3689c6d24e0f0acabed2a2bfa35eabc8b866d438204d5db067daabec74dd464e7006c3bb4ae07867294
SSDEEP

6144:/bPLF9Ocyp/5ci5NkcR3KT8MnIpwW1lSbxzlYK+bZxUn6erkA4uWSi711KTlgvVO:/rRUci5NB3EIblSbn6xWrk0WSi71zfDo

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  21e027f6b9ac8a75e11858285d5bf3ab.exe
- Size
  
  388KB
- MD5
  
  21e027f6b9ac8a75e11858285d5bf3ab
- SHA1
  
  f96c63a3856c581a51543449bf0a7ac7e9a0356f
- SHA256
  
  44d775feeb97f7dd148f6e7360b0a13bda2bec2339f09b873d739832d59568fc
- SHA512
  
  ad8eca15cc44e6f5e61d5df3c71fa6254d17077e8c6ec3689c6d24e0f0acabed2a2bfa35eabc8b866d438204d5db067daabec74dd464e7006c3bb4ae07867294
- SSDEEP
  
  6144:/bPLF9Ocyp/5ci5NkcR3KT8MnIpwW1lSbxzlYK+bZxUn6erkA4uWSi711KTlgvVO:/rRUci5NB3EIblSbn6xWrk0WSi71zfDo
Score

7^/10

spyware stealer
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2