81acd032cf67c7b8900ae5294c6764bdbbbcc2cc8eb01160cde3986348381736 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

81acd032cf67c7b8900ae5294c6764bdbbbcc2cc8eb01160cde3986348381736
Size

423KB
Sample

230830-qccfesfe27
MD5

f74cdc139f6ef910eab28f516f30ecf2
SHA1

90ba97c44d54313f2644b7bef6d2e7c35c88c7f9
SHA256

81acd032cf67c7b8900ae5294c6764bdbbbcc2cc8eb01160cde3986348381736
SHA512

72ff9367c68f48c59b67f2d964509d8fa55893c3a1794541657a03cb7cbb28cdea1d97e9e8102db29c9b5ff08ff04d8860d72862dc8f1157725a5db32ac51e41
SSDEEP

6144:FJUpCH+oSSB8YiEeS5HtOCD9Hr9NraTI9YpTXbJT7ZXpcaWxJilhbIDi6:PUVBSB8YiEqWHrfegYpZZXpoxJuhU

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  81acd032cf67c7b8900ae5294c6764bdbbbcc2cc8eb01160cde3986348381736
- Size
  
  423KB
- MD5
  
  f74cdc139f6ef910eab28f516f30ecf2
- SHA1
  
  90ba97c44d54313f2644b7bef6d2e7c35c88c7f9
- SHA256
  
  81acd032cf67c7b8900ae5294c6764bdbbbcc2cc8eb01160cde3986348381736
- SHA512
  
  72ff9367c68f48c59b67f2d964509d8fa55893c3a1794541657a03cb7cbb28cdea1d97e9e8102db29c9b5ff08ff04d8860d72862dc8f1157725a5db32ac51e41
- SSDEEP
  
  6144:FJUpCH+oSSB8YiEeS5HtOCD9Hr9NraTI9YpTXbJT7ZXpcaWxJilhbIDi6:PUVBSB8YiEqWHrfegYpZZXpoxJuhU
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer