2984cc42095b9ca7b4cb99b0525eef17c8f3796b26a87144ec1612d732c5577b | Triage

Sharing

General

Target

ca644887a1d2dcdc64de0c47e2f362e7_JC.exe
Size

300KB
Sample

231012-162mhsfa44
MD5

ca644887a1d2dcdc64de0c47e2f362e7
SHA1

7db9bd63b05b0f3f58c04657e720a2e816e31888
SHA256

2984cc42095b9ca7b4cb99b0525eef17c8f3796b26a87144ec1612d732c5577b
SHA512

d814ed9c376309b5d6c10c02ea113a2804db21cd6481c569374c5e155376c46b15803c66e04816f7d18140cd969019e5f195598b413b81cb906969b18e0e7b99
SSDEEP

6144:xZMaz7KsbyJRtbflrqpJeJw3D/uZNjDGEgplGWxFM:xS0IfllrqpME8dcmW8

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  ca644887a1d2dcdc64de0c47e2f362e7_JC.exe
- Size
  
  300KB
- MD5
  
  ca644887a1d2dcdc64de0c47e2f362e7
- SHA1
  
  7db9bd63b05b0f3f58c04657e720a2e816e31888
- SHA256
  
  2984cc42095b9ca7b4cb99b0525eef17c8f3796b26a87144ec1612d732c5577b
- SHA512
  
  d814ed9c376309b5d6c10c02ea113a2804db21cd6481c569374c5e155376c46b15803c66e04816f7d18140cd969019e5f195598b413b81cb906969b18e0e7b99
- SSDEEP
  
  6144:xZMaz7KsbyJRtbflrqpJeJw3D/uZNjDGEgplGWxFM:xS0IfllrqpME8dcmW8
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer