351557d59961dc297842a114854fa9994dd393f2b21573d5b1e1f226e7a00d85 | Triage

Sharing

General

Target

NEAS.177665a5ee74d21541d853e6f2f1f5c0.exe
Size

436KB
Sample

231022-vr3y5sde25
MD5

177665a5ee74d21541d853e6f2f1f5c0
SHA1

ae16420203bd29534ef2e9206dfe2932e9b5e802
SHA256

351557d59961dc297842a114854fa9994dd393f2b21573d5b1e1f226e7a00d85
SHA512

36abbdacba46f9bec5e089af867098fe2083311e9c13bbaf68ab1fcb1946901ee52fb84120f800e56b092cc2d3014318ac50fa081061fca51042cc38baa25b60
SSDEEP

12288:RUs6dFye4fE2dl7wh4Txv9DiUgCd7NCtee2F90xA/OT2fn:RUs6+XcW7wGT7DiUgIRCn2T0mW6fn

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  NEAS.177665a5ee74d21541d853e6f2f1f5c0.exe
- Size
  
  436KB
- MD5
  
  177665a5ee74d21541d853e6f2f1f5c0
- SHA1
  
  ae16420203bd29534ef2e9206dfe2932e9b5e802
- SHA256
  
  351557d59961dc297842a114854fa9994dd393f2b21573d5b1e1f226e7a00d85
- SHA512
  
  36abbdacba46f9bec5e089af867098fe2083311e9c13bbaf68ab1fcb1946901ee52fb84120f800e56b092cc2d3014318ac50fa081061fca51042cc38baa25b60
- SSDEEP
  
  12288:RUs6dFye4fE2dl7wh4Txv9DiUgCd7NCtee2F90xA/OT2fn:RUs6+XcW7wGT7DiUgIRCn2T0mW6fn
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2