42f1be22131894c2864ce621bc70404238a1b543e578dbd122e97acedfd7b283 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42f1be22131894c2864ce621bc70404238a1b543e578dbd122e97acedfd7b283
Size

33KB
Sample

230829-dcgnxscf5v
MD5

24ed449212b42b1b995243659e057b37
SHA1

eeb89455eeaaf305237e6cebe6777f2f322fcc02
SHA256

42f1be22131894c2864ce621bc70404238a1b543e578dbd122e97acedfd7b283
SHA512

aa13e3cc4beaa3854784488566d8205edcf940b3c6a8570ec093542910edfa191c6a1c397b33dabc3d01d87e4980477731013230e64487e144afb752f431365f
SSDEEP

768:0fdgBElOIEvzMXqtwp/lttaL7HP4ATCf0vn4DAwdHtLuQN:0yBaYzMXqtGNttyOf0v4DAyNjN

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  42f1be22131894c2864ce621bc70404238a1b543e578dbd122e97acedfd7b283
- Size
  
  33KB
- MD5
  
  24ed449212b42b1b995243659e057b37
- SHA1
  
  eeb89455eeaaf305237e6cebe6777f2f322fcc02
- SHA256
  
  42f1be22131894c2864ce621bc70404238a1b543e578dbd122e97acedfd7b283
- SHA512
  
  aa13e3cc4beaa3854784488566d8205edcf940b3c6a8570ec093542910edfa191c6a1c397b33dabc3d01d87e4980477731013230e64487e144afb752f431365f
- SSDEEP
  
  768:0fdgBElOIEvzMXqtwp/lttaL7HP4ATCf0vn4DAwdHtLuQN:0yBaYzMXqtGNttyOf0v4DAyNjN
Score

8^/10

spyware stealer
- Drops file in Drivers directory
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2