266191740e249c7a48933f708c04bd6d3bc9cc9a9271b66b8d7871c06dc73b82 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

266191740e249c7a48933f708c04bd6d3bc9cc9a9271b66b8d7871c06dc73b82
Size

2.6MB
Sample

231009-y6rffagb3v
MD5

55426461ff092c37d8104ea30de2e7ba
SHA1

6dcbe3c3c155c550f982e787f57aa88b4a9552fd
SHA256

266191740e249c7a48933f708c04bd6d3bc9cc9a9271b66b8d7871c06dc73b82
SHA512

96ecfe708d4d16d2f7577aa544e34cb5386601900e1b6e9920f4e5359322d1686f1d6844accd3dedfc2946b8fb81aa1cee9adb85d750f8d9d84e6fe43b9212c9
SSDEEP

49152:e6N/PApcNWzCFvcYlJtWZn5CBB5R9K2yqVEpXhEQTZ1lsc07PF6VexWfkYLNax0c:33A+0Yt45CBB5WFqA2cVsAkCNo0zxn

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  266191740e249c7a48933f708c04bd6d3bc9cc9a9271b66b8d7871c06dc73b82
- Size
  
  2.6MB
- MD5
  
  55426461ff092c37d8104ea30de2e7ba
- SHA1
  
  6dcbe3c3c155c550f982e787f57aa88b4a9552fd
- SHA256
  
  266191740e249c7a48933f708c04bd6d3bc9cc9a9271b66b8d7871c06dc73b82
- SHA512
  
  96ecfe708d4d16d2f7577aa544e34cb5386601900e1b6e9920f4e5359322d1686f1d6844accd3dedfc2946b8fb81aa1cee9adb85d750f8d9d84e6fe43b9212c9
- SSDEEP
  
  49152:e6N/PApcNWzCFvcYlJtWZn5CBB5R9K2yqVEpXhEQTZ1lsc07PF6VexWfkYLNax0c:33A+0Yt45CBB5WFqA2cVsAkCNo0zxn
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2