f373a21a6b7028cbbac176cc26c28d907082b24fd7c63cc8b43bff18b7fd8612 | Triage

Sharing

General

Target

f373a21a6b7028cbbac176cc26c28d907082b24fd7c63cc8b43bff18b7fd8612
Size

26KB
Sample

231015-tdr42sha9s
MD5

cb2f410087f7426a8d1baad9414e4e5b
SHA1

1352320ff1dfea7fdc6f7f0aa924b720913e17b4
SHA256

f373a21a6b7028cbbac176cc26c28d907082b24fd7c63cc8b43bff18b7fd8612
SHA512

5b0c0e0c4fc165770547316a59f50487a567c33741b54b21f1f8101bc6fe86124a620f691a2c822542c40d10ce91b57ca9a652e18017716a88e4de5e0013e3d0
SSDEEP

384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjvgI0:8Q3LotOPNSQVwVVxGKEvKHrVr0

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  f373a21a6b7028cbbac176cc26c28d907082b24fd7c63cc8b43bff18b7fd8612
- Size
  
  26KB
- MD5
  
  cb2f410087f7426a8d1baad9414e4e5b
- SHA1
  
  1352320ff1dfea7fdc6f7f0aa924b720913e17b4
- SHA256
  
  f373a21a6b7028cbbac176cc26c28d907082b24fd7c63cc8b43bff18b7fd8612
- SHA512
  
  5b0c0e0c4fc165770547316a59f50487a567c33741b54b21f1f8101bc6fe86124a620f691a2c822542c40d10ce91b57ca9a652e18017716a88e4de5e0013e3d0
- SSDEEP
  
  384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjvgI0:8Q3LotOPNSQVwVVxGKEvKHrVr0
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer