50ccdc37e4c8101dc9a0ba0d47b8b9037317cb55a077271d2732b837e62758f2 | Triage

Sharing

General

Target

NEAS.8711df0820ec40c7d57696fbf27cb200.exe
Size

569KB
Sample

231021-z9mr4agg27
MD5

8711df0820ec40c7d57696fbf27cb200
SHA1

1470a55b1b7e3ddc41ac49884f142390dd80049e
SHA256

50ccdc37e4c8101dc9a0ba0d47b8b9037317cb55a077271d2732b837e62758f2
SHA512

c0bc3559c3517bae92353fb262366a15a356ea096ac749b3a4c01a45d521409868c5e421dc47175ad7b554dbeea3a60698bfca15eb21c9471f6a09694030944e
SSDEEP

12288:4ddNxD+NTHlwr5o7GiJQljvLLcmwnGvP0nspyMWGea1CNqVOz7:4H+NTHSjgQtLpwnGH0b9Gea1KqVo

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  NEAS.8711df0820ec40c7d57696fbf27cb200.exe
- Size
  
  569KB
- MD5
  
  8711df0820ec40c7d57696fbf27cb200
- SHA1
  
  1470a55b1b7e3ddc41ac49884f142390dd80049e
- SHA256
  
  50ccdc37e4c8101dc9a0ba0d47b8b9037317cb55a077271d2732b837e62758f2
- SHA512
  
  c0bc3559c3517bae92353fb262366a15a356ea096ac749b3a4c01a45d521409868c5e421dc47175ad7b554dbeea3a60698bfca15eb21c9471f6a09694030944e
- SSDEEP
  
  12288:4ddNxD+NTHlwr5o7GiJQljvLLcmwnGvP0nspyMWGea1CNqVOz7:4H+NTHSjgQtLpwnGH0b9Gea1KqVo
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2