1a2bb2275675d70f133ba5d74bd6c3472eb642c7f08a772db80744b991285d9a | Triage

Sharing

General

Target

1a2bb2275675d70f133ba5d74bd6c3472eb642c7f08a772db80744b991285d9a
Size

392KB
Sample

231010-1nep2ade5v
MD5

bb1fc5bf2231e4c315e80f6ead189fd5
SHA1

29fe8e5c1afb05b3a9fab849db4444e7af9acb50
SHA256

1a2bb2275675d70f133ba5d74bd6c3472eb642c7f08a772db80744b991285d9a
SHA512

6a76e50225b6389bb534096b9cb27ba6efbf22411207012f7e34cb7da17c34525416e38c9c8a2239e5b6c1c3d0b4c91ab1124e2e767823b3d6d43a6bb0a3830d
SSDEEP

6144:8M9HbO5F3+qwu1fMTJQYX7Ca6VKzGVy+4CQjP:j5bO5BidW1szGVp4C

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  1a2bb2275675d70f133ba5d74bd6c3472eb642c7f08a772db80744b991285d9a
- Size
  
  392KB
- MD5
  
  bb1fc5bf2231e4c315e80f6ead189fd5
- SHA1
  
  29fe8e5c1afb05b3a9fab849db4444e7af9acb50
- SHA256
  
  1a2bb2275675d70f133ba5d74bd6c3472eb642c7f08a772db80744b991285d9a
- SHA512
  
  6a76e50225b6389bb534096b9cb27ba6efbf22411207012f7e34cb7da17c34525416e38c9c8a2239e5b6c1c3d0b4c91ab1124e2e767823b3d6d43a6bb0a3830d
- SSDEEP
  
  6144:8M9HbO5F3+qwu1fMTJQYX7Ca6VKzGVy+4CQjP:j5bO5BidW1szGVp4C
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer