a3e8c898bdb05eb0bf9029a52caf6804fc039754f6cbdba55102134e00f6fdcf | Triage

Sharing

General

Target

a3e8c898bdb05eb0bf9029a52caf6804fc039754f6cbdba55102134e00f6fdcf
Size

25KB
Sample

231005-q4ae5sbd9y
MD5

5710d531c85f62456c353e899f92b0ee
SHA1

a0dc98ccc38367f6c7f484015dfc3b8310f31921
SHA256

a3e8c898bdb05eb0bf9029a52caf6804fc039754f6cbdba55102134e00f6fdcf
SHA512

f473c823e1c89d8eb981dcba70cfb3e213146ef3fa84ee00ed729e70e8f5e8883ee6bd123dcfca93ccd143bfab833e78f7373376d3299d1b3dd12969dbcf862b
SSDEEP

384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjv1K:8Q3LotOPNSQVwVVxGKEvKHrVg

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  a3e8c898bdb05eb0bf9029a52caf6804fc039754f6cbdba55102134e00f6fdcf
- Size
  
  25KB
- MD5
  
  5710d531c85f62456c353e899f92b0ee
- SHA1
  
  a0dc98ccc38367f6c7f484015dfc3b8310f31921
- SHA256
  
  a3e8c898bdb05eb0bf9029a52caf6804fc039754f6cbdba55102134e00f6fdcf
- SHA512
  
  f473c823e1c89d8eb981dcba70cfb3e213146ef3fa84ee00ed729e70e8f5e8883ee6bd123dcfca93ccd143bfab833e78f7373376d3299d1b3dd12969dbcf862b
- SSDEEP
  
  384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjv1K:8Q3LotOPNSQVwVVxGKEvKHrVg
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer