70c3a6875b5a83b72069f181b78df7ee14ba7e0b85e41ce54467c841482ebc13 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47f3de680aa390e546f921f2938b8f59
Size

66KB
Sample

231226-bgzdesgfbj
MD5

47f3de680aa390e546f921f2938b8f59
SHA1

a5f6bbf6af64ec4a3a156a6b83de127522c8752c
SHA256

70c3a6875b5a83b72069f181b78df7ee14ba7e0b85e41ce54467c841482ebc13
SHA512

c6bce3ccdccc76191f259f1bda9bf8d524856ca181004ba48ddeef022c3936d76066533d95b4230e5cf5dc5fd396fe3b5c6840376595424805e1093c7ff385ec
SSDEEP

1536:JqC6r4Il6IYadecwnOIl5sF3XKHgWfN4vTFco5znLBB+o09Ru:UHsIYAVbVnhW14LFr5znLn+L9U

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  ZynGa Poker Chips Adder v2.1.3.exe
- Size
  
  80KB
- MD5
  
  0fe12ef491b24ed853bb0335f97e10ba
- SHA1
  
  78f0f186dec52650685d04895005ac95d935a0ae
- SHA256
  
  7fc1ebb72a0f486afb24bbabcc28ecedbe0a9b1859e795da0fd7675aedf1104a
- SHA512
  
  eef51fc9d374d0c4459c704a6280c8d61c35e2746c2bd4979951fe9bebf91531104032521d5dc7f19ce83e65f7d459521870d342ac08af564904152837371ec3
- SSDEEP
  
  1536:raHLtZf6yIF/JuSkZWeGkqbT3ckFqtLUNCdL2rTTifY8JZ5TZU/1N:raHz6D/JBOQksAkItZL23+bJ3ZS
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2