f1c998e5fc20c7681f2af0da9360af52a77500193d74b775066370fb1683514e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.902cbcb75400fec1257f9ffe3e0f6b60.exe
Size

244KB
Sample

231013-zawkyscc6y
MD5

902cbcb75400fec1257f9ffe3e0f6b60
SHA1

d0b4a0178fa3ae49e9404cedab6740fac8307a12
SHA256

f1c998e5fc20c7681f2af0da9360af52a77500193d74b775066370fb1683514e
SHA512

721521e0d83e7c15bc3d28b2ee3464c051dcdd4442d28af1861e2f7ca246553210ebece010b340885e6e33c1c78973663790bf97d683ca27dca196eb446610aa
SSDEEP

6144:vXXvkVpbfwmz0784vdR2Hkq833OhKVXxAiWIyfc2:fUdz0784FUEq86kx8IQ

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  NEAS.902cbcb75400fec1257f9ffe3e0f6b60.exe
- Size
  
  244KB
- MD5
  
  902cbcb75400fec1257f9ffe3e0f6b60
- SHA1
  
  d0b4a0178fa3ae49e9404cedab6740fac8307a12
- SHA256
  
  f1c998e5fc20c7681f2af0da9360af52a77500193d74b775066370fb1683514e
- SHA512
  
  721521e0d83e7c15bc3d28b2ee3464c051dcdd4442d28af1861e2f7ca246553210ebece010b340885e6e33c1c78973663790bf97d683ca27dca196eb446610aa
- SSDEEP
  
  6144:vXXvkVpbfwmz0784vdR2Hkq833OhKVXxAiWIyfc2:fUdz0784FUEq86kx8IQ
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer