6d8eff5947cf41bb092e212a594cc51d547c3315e3cb95bf690cc54edc8e5c59 | Triage

Sharing

General

Target

6d8eff5947cf41bb092e212a594cc51d547c3315e3cb95bf690cc54edc8e5c59
Size

26KB
Sample

230829-2a7z4agd66
MD5

d283d4c4523e700400b48f43af842e0a
SHA1

56a2b7568d646e016cc4d430a0681d67cbebf04c
SHA256

6d8eff5947cf41bb092e212a594cc51d547c3315e3cb95bf690cc54edc8e5c59
SHA512

764bb6ca911a071351adc3a4bbf6ecca289670a81cba08b5215486a990de8b5b09923d5c67a77c662301aaec54b38292d7f8020156fe326ed8cd51c935c8267e
SSDEEP

384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjvhu:8Q3LotOPNSQVwVVxGKEvKHrVs

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  6d8eff5947cf41bb092e212a594cc51d547c3315e3cb95bf690cc54edc8e5c59
- Size
  
  26KB
- MD5
  
  d283d4c4523e700400b48f43af842e0a
- SHA1
  
  56a2b7568d646e016cc4d430a0681d67cbebf04c
- SHA256
  
  6d8eff5947cf41bb092e212a594cc51d547c3315e3cb95bf690cc54edc8e5c59
- SHA512
  
  764bb6ca911a071351adc3a4bbf6ecca289670a81cba08b5215486a990de8b5b09923d5c67a77c662301aaec54b38292d7f8020156fe326ed8cd51c935c8267e
- SSDEEP
  
  384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjvhu:8Q3LotOPNSQVwVVxGKEvKHrVs
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer