75feb51f91fb1e6c06d8338fd0e79d94c5b5059dabbc9e1032f1fd69c6b4220a | Triage

Sharing

General

Target

06b20a20c9de68e0f69b7f19de820ef5
Size

58KB
Sample

231225-fqsdpadch6
MD5

06b20a20c9de68e0f69b7f19de820ef5
SHA1

41df559aefd262a53815a95a54287cfe622dabf5
SHA256

75feb51f91fb1e6c06d8338fd0e79d94c5b5059dabbc9e1032f1fd69c6b4220a
SHA512

5d25fc6933f6aaf6e2d2c548a06dd79fa33df388c8ecb1f9567355ddeaefd3c8bd4554a7e1088853130d6ef8ef3a263e59c3aea7cc0bbd6ac5d3bfb1d7c0c917
SSDEEP

1536:p4q8Q1xZtffrb8sjPFNhTYsFFrzckH2fmitDg:qKtfDwsjPThTYszDH2fO

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  06b20a20c9de68e0f69b7f19de820ef5
- Size
  
  58KB
- MD5
  
  06b20a20c9de68e0f69b7f19de820ef5
- SHA1
  
  41df559aefd262a53815a95a54287cfe622dabf5
- SHA256
  
  75feb51f91fb1e6c06d8338fd0e79d94c5b5059dabbc9e1032f1fd69c6b4220a
- SHA512
  
  5d25fc6933f6aaf6e2d2c548a06dd79fa33df388c8ecb1f9567355ddeaefd3c8bd4554a7e1088853130d6ef8ef3a263e59c3aea7cc0bbd6ac5d3bfb1d7c0c917
- SSDEEP
  
  1536:p4q8Q1xZtffrb8sjPFNhTYsFFrzckH2fmitDg:qKtfDwsjPThTYszDH2fO
Score

7^/10

spyware stealer
- Deletes itself
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2