f75c5b809e07fe2bdcc52fba4ebed26c82b703acf60d1b6a725189c496ad4753 | Triage

Sharing

General

Target

Mp3tag.exe
Size

4.2MB
Sample

231222-v34d2scggm
MD5

27f50c1e155be52886e26d7d75ee0cb2
SHA1

99a6a750dd4c1ef5d2139d572d951b8359e59c2f
SHA256

f75c5b809e07fe2bdcc52fba4ebed26c82b703acf60d1b6a725189c496ad4753
SHA512

58811f2a21163b8c2c0e4566dac684d8cd93a932e7e59af38038c5f3bef488eaee1762684b457d9e3faa12588004de5106f13ff70f08822ca30391f614c617af
SSDEEP

98304:ytAB8a512stMgI5Pa7NJ0Au05DUrWbb99F2Yo8k3JD5P0p:ytE32seDa7sAu0Ork99F2Yfk5S

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Mp3tag.exe
- Size
  
  4.2MB
- MD5
  
  27f50c1e155be52886e26d7d75ee0cb2
- SHA1
  
  99a6a750dd4c1ef5d2139d572d951b8359e59c2f
- SHA256
  
  f75c5b809e07fe2bdcc52fba4ebed26c82b703acf60d1b6a725189c496ad4753
- SHA512
  
  58811f2a21163b8c2c0e4566dac684d8cd93a932e7e59af38038c5f3bef488eaee1762684b457d9e3faa12588004de5106f13ff70f08822ca30391f614c617af
- SSDEEP
  
  98304:ytAB8a512stMgI5Pa7NJ0Au05DUrWbb99F2Yo8k3JD5P0p:ytE32seDa7sAu0Ork99F2Yfk5S
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1