7b82a97e27261aa72f391dfecf5fb132e69b84b4fc8aa46b855032d1ddb3d9f0 | Triage

Sharing

General

Target

7b82a97e27261aa72f391dfecf5fb132e69b84b4fc8aa46b855032d1ddb3d9f0
Size

25KB
Sample

230901-nwec1see4y
MD5

3f2114a6f790014ccea3c43271f090be
SHA1

4689845bf5894bc862a91adc9fa1a14d7eccdb8e
SHA256

7b82a97e27261aa72f391dfecf5fb132e69b84b4fc8aa46b855032d1ddb3d9f0
SHA512

1d65a0267e60e31deec617fd2c394e2982a2feffde0d0e0a240733da7a565fdccb5b0c8bc6c77cef505c19859202fda5fddce0c8d7a5d00d987a979edd3c6b21
SSDEEP

384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjvhK:8Q3LotOPNSQVwVVxGKEvKHrVhK

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  7b82a97e27261aa72f391dfecf5fb132e69b84b4fc8aa46b855032d1ddb3d9f0
- Size
  
  25KB
- MD5
  
  3f2114a6f790014ccea3c43271f090be
- SHA1
  
  4689845bf5894bc862a91adc9fa1a14d7eccdb8e
- SHA256
  
  7b82a97e27261aa72f391dfecf5fb132e69b84b4fc8aa46b855032d1ddb3d9f0
- SHA512
  
  1d65a0267e60e31deec617fd2c394e2982a2feffde0d0e0a240733da7a565fdccb5b0c8bc6c77cef505c19859202fda5fddce0c8d7a5d00d987a979edd3c6b21
- SSDEEP
  
  384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjvhK:8Q3LotOPNSQVwVVxGKEvKHrVhK
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer