42fe9e8874329ce4c5815c11a02c4ee12155785f1ef933f9045e8614dddf6f69 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42fe9e8874329ce4c5815c11a02c4ee12155785f1ef933f9045e8614dddf6f69
Size

1.0MB
Sample

231012-my2qnaec7z
MD5

f4d0f9cc9b9feb6ab64870007bb73571
SHA1

93e665ae9ecde5b8eb4d49d70b662cca0f03a947
SHA256

42fe9e8874329ce4c5815c11a02c4ee12155785f1ef933f9045e8614dddf6f69
SHA512

091a65f2e6d4177684bb168839ac451c8fb66d92aea1f6b689aa06c24433e12d02b0d787d3b9ec18f3379c072cc2964aefb57327f4057d23d69542ac0f75a620
SSDEEP

24576:ceRKWJCRIHZ3NBnQOrPHXyJ8LApDg/bKVYOZg3oqP9:ciKcy4Z3QmP9LqGEgYm

Score

7^/10

collection spyware stealer

Malware Config

Targets

- Target
  
  42fe9e8874329ce4c5815c11a02c4ee12155785f1ef933f9045e8614dddf6f69
- Size
  
  1.0MB
- MD5
  
  f4d0f9cc9b9feb6ab64870007bb73571
- SHA1
  
  93e665ae9ecde5b8eb4d49d70b662cca0f03a947
- SHA256
  
  42fe9e8874329ce4c5815c11a02c4ee12155785f1ef933f9045e8614dddf6f69
- SHA512
  
  091a65f2e6d4177684bb168839ac451c8fb66d92aea1f6b689aa06c24433e12d02b0d787d3b9ec18f3379c072cc2964aefb57327f4057d23d69542ac0f75a620
- SSDEEP
  
  24576:ceRKWJCRIHZ3NBnQOrPHXyJ8LApDg/bKVYOZg3oqP9:ciKcy4Z3QmP9LqGEgYm
Score

7^/10

collection spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectionspywarestealer

behavioral2

collectionspywarestealer