5536dab21201cd14002506aa7bc8abfc1ca0845af1047239a940028aba728e81 | Triage

Sharing

General

Target

5536dab21201cd14002506aa7bc8abfc1ca0845af1047239a940028aba728e81
Size

25KB
Sample

231014-d7bfdseb3x
MD5

88e52cbad4ceb9fe1343403b1399bd45
SHA1

1e1b3b7cdb5241c9ad95194ab2e9795b7c3b4d77
SHA256

5536dab21201cd14002506aa7bc8abfc1ca0845af1047239a940028aba728e81
SHA512

c1bd622be8e9d1d4d3dc7b73a3113743340a186ba22768668a8b6e7885c273cae1b619558f587418ab50e28c0f3ac7807fbd53e808c09cfb44641aa0a5152335
SSDEEP

384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjv//:8Q3LotOPNSQVwVVxGKEvKHrV//

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  5536dab21201cd14002506aa7bc8abfc1ca0845af1047239a940028aba728e81
- Size
  
  25KB
- MD5
  
  88e52cbad4ceb9fe1343403b1399bd45
- SHA1
  
  1e1b3b7cdb5241c9ad95194ab2e9795b7c3b4d77
- SHA256
  
  5536dab21201cd14002506aa7bc8abfc1ca0845af1047239a940028aba728e81
- SHA512
  
  c1bd622be8e9d1d4d3dc7b73a3113743340a186ba22768668a8b6e7885c273cae1b619558f587418ab50e28c0f3ac7807fbd53e808c09cfb44641aa0a5152335
- SSDEEP
  
  384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjv//:8Q3LotOPNSQVwVVxGKEvKHrV//
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer