3b1d2a8456dfefabf62680e9bebf780608fab73c29b7fbd47643630e75e136a3 | Triage

Sharing

General

Target

3b1d2a8456dfefabf62680e9bebf780608fab73c29b7fbd47643630e75e136a3
Size

25KB
Sample

231010-qbj4wadf5z
MD5

4b8261a668e8b609703769edddcb4c97
SHA1

55850fc5db482729a97926a604761b89b2f4f696
SHA256

3b1d2a8456dfefabf62680e9bebf780608fab73c29b7fbd47643630e75e136a3
SHA512

a138dc8da89284b3a440b883abc56a3700997cb6ff10ca3ca3b57f22ea807a31bf88f7f7d09e1f73d7d5b129523b180a2e915bb4372f8d84fb7b707db944a5fd
SSDEEP

384:fJ1mIUcCgKY2mPNIrJwIhn7ytQtJUMTNOt894boE9K/mKHboI3:Xm55gKGPNSHftJDhEvKHbo6

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  3b1d2a8456dfefabf62680e9bebf780608fab73c29b7fbd47643630e75e136a3
- Size
  
  25KB
- MD5
  
  4b8261a668e8b609703769edddcb4c97
- SHA1
  
  55850fc5db482729a97926a604761b89b2f4f696
- SHA256
  
  3b1d2a8456dfefabf62680e9bebf780608fab73c29b7fbd47643630e75e136a3
- SHA512
  
  a138dc8da89284b3a440b883abc56a3700997cb6ff10ca3ca3b57f22ea807a31bf88f7f7d09e1f73d7d5b129523b180a2e915bb4372f8d84fb7b707db944a5fd
- SSDEEP
  
  384:fJ1mIUcCgKY2mPNIrJwIhn7ytQtJUMTNOt894boE9K/mKHboI3:Xm55gKGPNSHftJDhEvKHbo6
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer