9c8827c5c92d211cce3f8a87f13128cb4012ecebdf1b8e538dc128940fdf2b33 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9c8827c5c92d211cce3f8a87f13128cb4012ecebdf1b8e538dc128940fdf2b33
Size

1.6MB
Sample

231223-jq88zshae9
MD5

038064c9039137e28cb0b8108719726c
SHA1

c6ab404ab8e44516080052f5d0eec425260c25f2
SHA256

9c8827c5c92d211cce3f8a87f13128cb4012ecebdf1b8e538dc128940fdf2b33
SHA512

878501fe6eb644e35f480baa732bcfd55ca6c7358c964e87afa3ae2c5e7d045446051a0083d861c8009e2b831ef82cde68d7fead5a4ab865b5af42547506331d
SSDEEP

12288:ea9B+VEwYeskMjFvm0qKWjr/pMoVx8JX8it802q3LZj+:ea9BksRjhm0Ijr/eax8JXO02q3A

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  9c8827c5c92d211cce3f8a87f13128cb4012ecebdf1b8e538dc128940fdf2b33
- Size
  
  1.6MB
- MD5
  
  038064c9039137e28cb0b8108719726c
- SHA1
  
  c6ab404ab8e44516080052f5d0eec425260c25f2
- SHA256
  
  9c8827c5c92d211cce3f8a87f13128cb4012ecebdf1b8e538dc128940fdf2b33
- SHA512
  
  878501fe6eb644e35f480baa732bcfd55ca6c7358c964e87afa3ae2c5e7d045446051a0083d861c8009e2b831ef82cde68d7fead5a4ab865b5af42547506331d
- SSDEEP
  
  12288:ea9B+VEwYeskMjFvm0qKWjr/pMoVx8JX8it802q3LZj+:ea9BksRjhm0Ijr/eax8JXO02q3A
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2