a06132d5da8e609172d84f3e3d2578167bca97e9d896c386136b1f98483d0252 | Triage

Sharing

General

Target

Archive.rar
Size

87.4MB
Sample

230827-yxs8nseh4x
MD5

7f969d67d211dcab74af32ff4892ef4b
SHA1

2fde14cfb61bba955c4b2f4b6f923a5090150738
SHA256

a06132d5da8e609172d84f3e3d2578167bca97e9d896c386136b1f98483d0252
SHA512

f8d0595609cd278ce58b211fd248a4a5e080d3183d4e8ba3290e01520f23dffeefde2ad5e809157f3c6744dfefae3fd741e8c213643907dc286b2ac3441034ea
SSDEEP

1572864:wKv8Xx/g5rVeRWowJzkFn5sBw8BTkuBxlthsE8T4+1LIMpWpqmGkAXBMQqDnRh:p0B/Kpe4Hzk15qtIuBxlthh8V1LIdsb0

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Soft.exe
- Size
  
  855.2MB
- MD5
  
  fb61cbd8e373a64a5b5c5224248f28c9
- SHA1
  
  3feaa5e93191412bf21eac0aeb88715c5b02690a
- SHA256
  
  b5fb87f26faf6bfd0bc49d818f67b8ddc06a481cf42d3e61dcc57aba9a6befd4
- SHA512
  
  abd7f27b2024cc94d0f0791eb9c5e3fd17ab1f01a87db8b8c17c8c0ebfd30c206517d1e8889952eb93ae1ca49dc22dcf6405ce54158fb573c0d633cd9e2f561f
- SSDEEP
  
  3072:jJdxYVsvlrk2ycpm1fC/zFJrkWilZ2fkWc6/T+jfOWe2brfnRRQfEfxX6deP:ssvlrxqkpMZwkWc7jf33uEfxqeP
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2