8c2c855b1c9ce1eae94ea7747ab5897b1e8c416ccf5c27caa9b185a9f71f08f3 | Triage

Sharing

General

Target

57e8822cb11b69d558ce53de0d7de4ee
Size

256KB
Sample

231219-th25tadcb3
MD5

57e8822cb11b69d558ce53de0d7de4ee
SHA1

a995c22c87e8a227e09becdd07094d026ca0a207
SHA256

8c2c855b1c9ce1eae94ea7747ab5897b1e8c416ccf5c27caa9b185a9f71f08f3
SHA512

e22dc3a1be7326f76aba3aa53f3a1d0e1079fa61256eeb16742de1a69fe7f7a59cf69d9266c31f6ab04b9c082302ed284a83dcd88a55ff9774e83b50b70b0508
SSDEEP

6144:2dMvtUR3WpmJbWO3Wp6LBCYdi3WpmJbWO3Wp:2dMvttC4sBVC4

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  57e8822cb11b69d558ce53de0d7de4ee
- Size
  
  256KB
- MD5
  
  57e8822cb11b69d558ce53de0d7de4ee
- SHA1
  
  a995c22c87e8a227e09becdd07094d026ca0a207
- SHA256
  
  8c2c855b1c9ce1eae94ea7747ab5897b1e8c416ccf5c27caa9b185a9f71f08f3
- SHA512
  
  e22dc3a1be7326f76aba3aa53f3a1d0e1079fa61256eeb16742de1a69fe7f7a59cf69d9266c31f6ab04b9c082302ed284a83dcd88a55ff9774e83b50b70b0508
- SSDEEP
  
  6144:2dMvtUR3WpmJbWO3Wp6LBCYdi3WpmJbWO3Wp:2dMvttC4sBVC4
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer