c21d37fa74805b3abcb43e737a42f6f5da51c35c13cacd21c9b4431fbdd6fc54 | Triage

Sharing

General

Target

07ef641c3737f3f129ef08ef7bf400af
Size

2.7MB
Sample

231219-mlmqzacgap
MD5

07ef641c3737f3f129ef08ef7bf400af
SHA1

81567ef4b8336942336c81cc0aa7d2a658a8bbde
SHA256

c21d37fa74805b3abcb43e737a42f6f5da51c35c13cacd21c9b4431fbdd6fc54
SHA512

116561bb62f3e196e11f1c6f083ef09afbad080299d6157459d537184e0e3946cb53a7c57514ed77cfbc91ca16b3d481f4894ad885ee2a3373f6ee3bbf50863b
SSDEEP

49152:U7j7jfYV9zOe4gqmvwa3bBNSlGnPwPszW2Z4eiIijdtpU/eKXMZm3yf2dl:U33S9yfba33fqbGImCf2dl

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  07ef641c3737f3f129ef08ef7bf400af
- Size
  
  2.7MB
- MD5
  
  07ef641c3737f3f129ef08ef7bf400af
- SHA1
  
  81567ef4b8336942336c81cc0aa7d2a658a8bbde
- SHA256
  
  c21d37fa74805b3abcb43e737a42f6f5da51c35c13cacd21c9b4431fbdd6fc54
- SHA512
  
  116561bb62f3e196e11f1c6f083ef09afbad080299d6157459d537184e0e3946cb53a7c57514ed77cfbc91ca16b3d481f4894ad885ee2a3373f6ee3bbf50863b
- SSDEEP
  
  49152:U7j7jfYV9zOe4gqmvwa3bBNSlGnPwPszW2Z4eiIijdtpU/eKXMZm3yf2dl:U33S9yfba33fqbGImCf2dl
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2