57ff22860e1106e470351082c3c617d5257e7b8cb3aa3de357035dd71c960188 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ec68e0d833a2fe84917a440cd517227
Size

344KB
Sample

231225-vencxsbhd4
MD5

2ec68e0d833a2fe84917a440cd517227
SHA1

30125ab5ad8bc97f9c774525ce7a12bda6f833ab
SHA256

57ff22860e1106e470351082c3c617d5257e7b8cb3aa3de357035dd71c960188
SHA512

50a412142caf45a7d3568b0f879410148d21dcc8489d36a2d2c7a1bfd4c694c52354427edddf5c38a1f70605e024a67576c2e9ec2124b88779a1ba51f2c7315d
SSDEEP

6144:A/T3zd9AVAixibDqwbKhqjX9kjeKHYFqoECLrLnZF7tGUP+BgkTbXD/3/:A/XM4DShe9EcHPLrLZ5AICgkTP3/

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2ec68e0d833a2fe84917a440cd517227
- Size
  
  344KB
- MD5
  
  2ec68e0d833a2fe84917a440cd517227
- SHA1
  
  30125ab5ad8bc97f9c774525ce7a12bda6f833ab
- SHA256
  
  57ff22860e1106e470351082c3c617d5257e7b8cb3aa3de357035dd71c960188
- SHA512
  
  50a412142caf45a7d3568b0f879410148d21dcc8489d36a2d2c7a1bfd4c694c52354427edddf5c38a1f70605e024a67576c2e9ec2124b88779a1ba51f2c7315d
- SSDEEP
  
  6144:A/T3zd9AVAixibDqwbKhqjX9kjeKHYFqoECLrLnZF7tGUP+BgkTbXD/3/:A/XM4DShe9EcHPLrLZ5AICgkTP3/
Score

7^/10

spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2