803503b34aba0e065fd5550f1414bf49b66a754778374643c07fceffab2dd0fc | Triage

Resubmissions

15/11/2023, 23:16

231115-289lksff7z 7

15/11/2023, 23:09

231115-25mmmsff6z 7

Sharing

Copy URL Twitter E-mail

General

Target

MariyelsBeta.rar
Size

79.6MB
Sample

231115-25mmmsff6z
MD5

41caf493b226b5a1e2cba8a531c67f93
SHA1

7fc4a638ac39f2566e85d38d8c4dd757bd2efbf9
SHA256

803503b34aba0e065fd5550f1414bf49b66a754778374643c07fceffab2dd0fc
SHA512

f2d728d833476de49ccd5d42473ba66849d9f14c975216d8f4b33fbbd8fa899738115f716832a90bf42a6612db037010ed7db02952a4dba5a282cf3b19ec340e
SSDEEP

1572864:FBsKayucVxltibkSAwUOBOfoRS8eA3RsnxRoodKhBcTXO/Yw4pJn5M:FBBlhnfiXUOcfohl3nodKhSq/YVBi

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  MariyelsBeta/Mariyels.exe
- Size
  
  69.9MB
- MD5
  
  7be7ab39b8b2c204ed4df9d0cb881fff
- SHA1
  
  a4c523c4ea333af5108098d920e0445fa802b364
- SHA256
  
  2edde921715ee580d1a6b4bb13e2239e22c98b1da4df46d32155f1495c1d31a0
- SHA512
  
  261caea1a9ca1c51fe212c0420bedcbf98ae9de95a1cc003e24f507d0df4897774770470acf720b3add1ad09f10d6da32a4be0cfc12aac863c5bdcf7b09f4933
- SSDEEP
  
  1572864:Si5kJopba3yfYHl8zRQcTe/FEd67As/ph6QSoXUwNSyaGDjqS:S6pbaQYHO1QcTeOd60shNVXUwNba0uS
Score

7^/10

discovery spyware stealer
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  MariyelsBeta/UnityCrashHandler64.exe
- Size
  
  1.1MB
- MD5
  
  8e5c932f67125126b936f23f8b331f62
- SHA1
  
  ee7b6953b56257ee7c792c0736ef71f4a83abbce
- SHA256
  
  aa512dd4aed9f78b60441dfc6c10fdbb465199628a67a920a4b53564616a921b
- SHA512
  
  78829be76f1ab66c15d336eb4f0df395e0366f29ac135d1a9da533822bfdb66910ef8c816595e38cad71aeb53af9c678249d204284593b93c49ff5f12b1eacad
- SSDEEP
  
  12288:JLWNlcYyeraLLuLiT2SSYHdSbM+Fh6wk2AdgolZVQfz2fzA1/p:elcYK2WTBSYHdWFUbdgdz+zAL
Score

1^/10
behavioral3 behavioral4
- Target
  
  MariyelsBeta/UnityPlayer.dll
- Size
  
  27.7MB
- MD5
  
  0afb3b37c631873d693008c7a7d852f5
- SHA1
  
  02ad2b431800f50b6249139f0438eb4b91fbace7
- SHA256
  
  cbdc7f1c9e3d5f8a7314dd8dd40d2bcad90cedf1b4c58f651677a1b98c5e5ab0
- SHA512
  
  442eeb37bc22887debc7b53d6f3926c4575c61bb86b1fe868092e58c8f9043d457c91ca009ec0eb21669dfd179954fbca0fd8bf7070031c4a4c0a612080ab3ad
- SSDEEP
  
  393216:f03Ul8UOcmjdFPSc/QTIGLPPIF0U+HFnkLRPmEY6rqJ9K3EYNcpeBqZ+m0bm5mWv:fGlRPIf/YP1t5c
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer

behavioral3

behavioral4

behavioral5

behavioral6