c3393cba8a53d60004f152b9768502cfd74d7097779b2c54d0194c749f69a7fa | Triage

Sharing

General

Target

21e6981b3a23f5e7dff5f6c3f6e1ddcb
Size

185KB
Sample

231225-qsdnescdf5
MD5

21e6981b3a23f5e7dff5f6c3f6e1ddcb
SHA1

738873113c8db4674192261d1a1eb69eb15dded3
SHA256

c3393cba8a53d60004f152b9768502cfd74d7097779b2c54d0194c749f69a7fa
SHA512

2b69f57b3f0d3d80de996be173aea30047810a961709015c5f05214abb63efc8a33d08c380f64b70abaad8ec51a052dd8f11014ff5a8c74e1a23045f85f75a0c
SSDEEP

3072:yqFcxDLMteVqceYNRyADM6VyiJD1PmX2tpb9WrmAsIvjDmg9D:jFcx4teVCYK5eNfHb9WrsC

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  21e6981b3a23f5e7dff5f6c3f6e1ddcb
- Size
  
  185KB
- MD5
  
  21e6981b3a23f5e7dff5f6c3f6e1ddcb
- SHA1
  
  738873113c8db4674192261d1a1eb69eb15dded3
- SHA256
  
  c3393cba8a53d60004f152b9768502cfd74d7097779b2c54d0194c749f69a7fa
- SHA512
  
  2b69f57b3f0d3d80de996be173aea30047810a961709015c5f05214abb63efc8a33d08c380f64b70abaad8ec51a052dd8f11014ff5a8c74e1a23045f85f75a0c
- SSDEEP
  
  3072:yqFcxDLMteVqceYNRyADM6VyiJD1PmX2tpb9WrmAsIvjDmg9D:jFcx4teVCYK5eNfHb9WrsC
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer