b4549b4e7c99d66093fcf2869c35fa6582784c60f524ae85d33605ef48064a36 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4549b4e7c99d66093fcf2869c35fa6582784c60f524ae85d33605ef48064a36
Size

1.8MB
Sample

231011-vvcw5adc62
MD5

2e485b4908691410483bea69b798b596
SHA1

2e26bf4a36a3d9fbcce6ea30cddf84e38b8fccae
SHA256

b4549b4e7c99d66093fcf2869c35fa6582784c60f524ae85d33605ef48064a36
SHA512

c7f6ae2f808d28c8360208f228f052b983fc8827b6052927988067f3aa795dd2747b4d6521d7f128887504f565bdfe151fccbf9402312060c188735439b3d11f
SSDEEP

49152:HK783MoXnFv3dcj7q5LsLp3CceMuczXr/h3S/P+hmBCSmsXVv2A:HK78HXnl3dcj7q5KpyceMuczXF3Suhmd

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  b4549b4e7c99d66093fcf2869c35fa6582784c60f524ae85d33605ef48064a36
- Size
  
  1.8MB
- MD5
  
  2e485b4908691410483bea69b798b596
- SHA1
  
  2e26bf4a36a3d9fbcce6ea30cddf84e38b8fccae
- SHA256
  
  b4549b4e7c99d66093fcf2869c35fa6582784c60f524ae85d33605ef48064a36
- SHA512
  
  c7f6ae2f808d28c8360208f228f052b983fc8827b6052927988067f3aa795dd2747b4d6521d7f128887504f565bdfe151fccbf9402312060c188735439b3d11f
- SSDEEP
  
  49152:HK783MoXnFv3dcj7q5LsLp3CceMuczXr/h3S/P+hmBCSmsXVv2A:HK78HXnl3dcj7q5KpyceMuczXF3Suhmd
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2