e0380878a3db5ab4f7d65e52a01ce099424194304babbdd0ede40ffd274b570c | Triage

Sharing

General

Target

e0380878a3db5ab4f7d65e52a01ce099424194304babbdd0ede40ffd274b570c
Size

25KB
Sample

231014-h5betsae95
MD5

2e409a984fa3f4172c7393e4abd6853d
SHA1

8ef21be10322e4a76211a7be0187d9273fb037e6
SHA256

e0380878a3db5ab4f7d65e52a01ce099424194304babbdd0ede40ffd274b570c
SHA512

ef8b8742dbb8557e519a8dde54d6011d5b61c889d4582e839f8b111775c77d5ac0023d6fd1938f0de4812335c3499b3ddd6340dfc0ce1d7335b2cf3fe2182f24
SSDEEP

384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjvT:8Q3LotOPNSQVwVVxGKEvKHrVT

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  e0380878a3db5ab4f7d65e52a01ce099424194304babbdd0ede40ffd274b570c
- Size
  
  25KB
- MD5
  
  2e409a984fa3f4172c7393e4abd6853d
- SHA1
  
  8ef21be10322e4a76211a7be0187d9273fb037e6
- SHA256
  
  e0380878a3db5ab4f7d65e52a01ce099424194304babbdd0ede40ffd274b570c
- SHA512
  
  ef8b8742dbb8557e519a8dde54d6011d5b61c889d4582e839f8b111775c77d5ac0023d6fd1938f0de4812335c3499b3ddd6340dfc0ce1d7335b2cf3fe2182f24
- SSDEEP
  
  384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjvT:8Q3LotOPNSQVwVVxGKEvKHrVT
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer