9de0c90a9ad1a1d2e8050513205b6eddf17bd22105d40779367d6789e82c9c30 | Triage

Sharing

General

Target

download.exe
Size

64KB
Sample

231013-qe7pcaaa3w
MD5

9b2dffb5747aea1e6ccc4d2a7055bcf6
SHA1

dcd11aecdcf33b57fbc5528ea8509b2f942df7e8
SHA256

9de0c90a9ad1a1d2e8050513205b6eddf17bd22105d40779367d6789e82c9c30
SHA512

26e4447a2f17069f850288e7b297010ec9caeccf72de971ab86fd81436a8c573ac69106b5d321597d0bf0c51b9618e54662917594f7c4b29e8e25d93412a8e2b
SSDEEP

1536:fBymRmBOBI6RBTXBbBuB5BeBNz4bO9JZk+GRcX1vgzU2AY:fBxRmBOBI6RBTXBbBuB5BeBNpFvx6

Score

7^/10

collection spyware stealer

Malware Config

Targets

- Target
  
  download.exe
- Size
  
  64KB
- MD5
  
  9b2dffb5747aea1e6ccc4d2a7055bcf6
- SHA1
  
  dcd11aecdcf33b57fbc5528ea8509b2f942df7e8
- SHA256
  
  9de0c90a9ad1a1d2e8050513205b6eddf17bd22105d40779367d6789e82c9c30
- SHA512
  
  26e4447a2f17069f850288e7b297010ec9caeccf72de971ab86fd81436a8c573ac69106b5d321597d0bf0c51b9618e54662917594f7c4b29e8e25d93412a8e2b
- SSDEEP
  
  1536:fBymRmBOBI6RBTXBbBuB5BeBNz4bO9JZk+GRcX1vgzU2AY:fBxRmBOBI6RBTXBbBuB5BeBNpFvx6
Score

7^/10

collection spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

collectionspywarestealer

behavioral2

collectionspywarestealer