523a1409017b1c3a50e6e97fd2e83ed73a3d406e612eca52a26ed9d7c61bafbe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f9c67cd91708b8e7878ebd551aadaf4
Size

177KB
Sample

231225-jjdthadggk
MD5

0f9c67cd91708b8e7878ebd551aadaf4
SHA1

1d0ee8b6f4881e44a906a4dfa0a79463efb4e7bf
SHA256

523a1409017b1c3a50e6e97fd2e83ed73a3d406e612eca52a26ed9d7c61bafbe
SHA512

396f43ba027e962efbd0a2a3ed4a0f59d98e562223115e5b83a32f387238dc386a661b40966e1f34b3a4eab7c9533238ae8f5bc151e3cf72bccfe1404a362730
SSDEEP

3072:2OjjYdyhHcjAIUk/JNczQ15qKo6fXXWhmGs3S2MYEjxeJ:2LyhHQTUgN23hmGeS2LEN

Score

7^/10

persistence spyware stealer upx

Malware Config

Targets

- Target
  
  0f9c67cd91708b8e7878ebd551aadaf4
- Size
  
  177KB
- MD5
  
  0f9c67cd91708b8e7878ebd551aadaf4
- SHA1
  
  1d0ee8b6f4881e44a906a4dfa0a79463efb4e7bf
- SHA256
  
  523a1409017b1c3a50e6e97fd2e83ed73a3d406e612eca52a26ed9d7c61bafbe
- SHA512
  
  396f43ba027e962efbd0a2a3ed4a0f59d98e562223115e5b83a32f387238dc386a661b40966e1f34b3a4eab7c9533238ae8f5bc151e3cf72bccfe1404a362730
- SSDEEP
  
  3072:2OjjYdyhHcjAIUk/JNczQ15qKo6fXXWhmGs3S2MYEjxeJ:2LyhHQTUgN23hmGeS2LEN
Score

7^/10

persistence spyware stealer upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealerupx

behavioral2