58de3cbe26b4f2b765ab0f530a714ada9fee3fefb83cf2864f66dc25801555ed | Triage

Sharing

General

Target

58de3cbe26b4f2b765ab0f530a714ada9fee3fefb83cf2864f66dc25801555ed
Size

1.8MB
Sample

231007-n21hfaea27
MD5

62ebf1a4e6d40ba2b44f68e9c2c44044
SHA1

0bf682efcd3240160bd9fe3110f3a6b95c558515
SHA256

58de3cbe26b4f2b765ab0f530a714ada9fee3fefb83cf2864f66dc25801555ed
SHA512

794206feafe1cc12ecb4e6551d42d52c7e3f342fc83f3d1fca6109040afd15dd9ac938ca23239e71f03dfda5fa1b51193fe315c233ce5a0db16d7cd53ccd5c04
SSDEEP

49152:rx5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAparh7P9inm4uLZOkZ:rvbjVkjjCAzJwa97P9inmJZNZ

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  58de3cbe26b4f2b765ab0f530a714ada9fee3fefb83cf2864f66dc25801555ed
- Size
  
  1.8MB
- MD5
  
  62ebf1a4e6d40ba2b44f68e9c2c44044
- SHA1
  
  0bf682efcd3240160bd9fe3110f3a6b95c558515
- SHA256
  
  58de3cbe26b4f2b765ab0f530a714ada9fee3fefb83cf2864f66dc25801555ed
- SHA512
  
  794206feafe1cc12ecb4e6551d42d52c7e3f342fc83f3d1fca6109040afd15dd9ac938ca23239e71f03dfda5fa1b51193fe315c233ce5a0db16d7cd53ccd5c04
- SSDEEP
  
  49152:rx5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAparh7P9inm4uLZOkZ:rvbjVkjjCAzJwa97P9inmJZNZ
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2