833b77d28c8a3464e4a4f9456237a5fc041b1b8477768e64d4c73ec0634198d6 | Triage

Sharing

General

Target

1afd71884b7460bd5edbd2496bb8739e_JC.exe
Size

74KB
Sample

231011-178r8aff8t
MD5

1afd71884b7460bd5edbd2496bb8739e
SHA1

d9d0eb4e176261ab2e9e353c8f209c0d0a3098c0
SHA256

833b77d28c8a3464e4a4f9456237a5fc041b1b8477768e64d4c73ec0634198d6
SHA512

a4940f6aa7d2ed931ab5e6d80dbae0243549e8a33e7ff9e2ce898951bc29741fa175868b3b1e391daaafda4a2f6c44ea2c984348f44d901fcd91ba55c551fa42
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlDuazTsj:ZRpAyazIlyazTsj

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  1afd71884b7460bd5edbd2496bb8739e_JC.exe
- Size
  
  74KB
- MD5
  
  1afd71884b7460bd5edbd2496bb8739e
- SHA1
  
  d9d0eb4e176261ab2e9e353c8f209c0d0a3098c0
- SHA256
  
  833b77d28c8a3464e4a4f9456237a5fc041b1b8477768e64d4c73ec0634198d6
- SHA512
  
  a4940f6aa7d2ed931ab5e6d80dbae0243549e8a33e7ff9e2ce898951bc29741fa175868b3b1e391daaafda4a2f6c44ea2c984348f44d901fcd91ba55c551fa42
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlDuazTsj:ZRpAyazIlyazTsj
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer