21dab36255ac4b3eedab2d41f0792637e764010b8697d057fc8e15133e9ec057 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

77a5b6f8f9582d56355e0245577f3d6d.exe
Size

541KB
Sample

230903-h69c9agh48
MD5

77a5b6f8f9582d56355e0245577f3d6d
SHA1

79ceb2766a54bd53d2cef20c80ac446bab0c8c76
SHA256

21dab36255ac4b3eedab2d41f0792637e764010b8697d057fc8e15133e9ec057
SHA512

b5ce5c7a1dc1fd2e038d8416c62bba08cc430a6fa42314a7e021d781ce69710b6989d16f15a4ef1d0a93af4945876fd4ffb3033438e9d149f865d9d36c13260a
SSDEEP

12288:3XYx5OTWypHUodHN12eU63OCsGfKgLUeL/:3Xm5OKypN1OCLsLgLHL/

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  77a5b6f8f9582d56355e0245577f3d6d.exe
- Size
  
  541KB
- MD5
  
  77a5b6f8f9582d56355e0245577f3d6d
- SHA1
  
  79ceb2766a54bd53d2cef20c80ac446bab0c8c76
- SHA256
  
  21dab36255ac4b3eedab2d41f0792637e764010b8697d057fc8e15133e9ec057
- SHA512
  
  b5ce5c7a1dc1fd2e038d8416c62bba08cc430a6fa42314a7e021d781ce69710b6989d16f15a4ef1d0a93af4945876fd4ffb3033438e9d149f865d9d36c13260a
- SSDEEP
  
  12288:3XYx5OTWypHUodHN12eU63OCsGfKgLUeL/:3Xm5OKypN1OCLsLgLHL/
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer