9a82a181d3f81247f88317437892d3339dd2deff66c7fc985aa24b7bc112c9b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cred.dll
Size

1006KB
Sample

231121-rf4vhseh97
MD5

db1112bf054512410acb8b356975e7e8
SHA1

f699bf08d85b2b8409409acc40809009cbff3378
SHA256

9a82a181d3f81247f88317437892d3339dd2deff66c7fc985aa24b7bc112c9b1
SHA512

5b938ad248c8510467e1e63d4462f0a2ed89544227ec5e47bbacea8849d16156b8135def6ce1edca1f60bf99d0887fe66c7f148d96fc199b88d71da28741496b
SSDEEP

24576:DADd8XQFQ8FDJdWNNd1tbVcZUNIIKLOd:DT38m0UNFKLO

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  cred.dll
- Size
  
  1006KB
- MD5
  
  db1112bf054512410acb8b356975e7e8
- SHA1
  
  f699bf08d85b2b8409409acc40809009cbff3378
- SHA256
  
  9a82a181d3f81247f88317437892d3339dd2deff66c7fc985aa24b7bc112c9b1
- SHA512
  
  5b938ad248c8510467e1e63d4462f0a2ed89544227ec5e47bbacea8849d16156b8135def6ce1edca1f60bf99d0887fe66c7f148d96fc199b88d71da28741496b
- SSDEEP
  
  24576:DADd8XQFQ8FDJdWNNd1tbVcZUNIIKLOd:DT38m0UNFKLO
Score

8^/10

spyware stealer
- Blocklisted process makes network request
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2