c90b71ae305298e62357cedf8c5178d8fd636927581d3dd66fe5e4d3eca0efdf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65015577fd20bf4eb669d7fa864831bc
Size

3.3MB
Sample

231226-lt2dnaahan
MD5

65015577fd20bf4eb669d7fa864831bc
SHA1

7e1bd768b1bb0fbd117b332fe3138720b45a66c1
SHA256

c90b71ae305298e62357cedf8c5178d8fd636927581d3dd66fe5e4d3eca0efdf
SHA512

d276d905b0ebac9350a3f847bb47140bd24d15e88cb49970bea09679df5dfcabb3f042b8339b1fcb13a33d208321c779613ce0c856614cada6f0ff4de8db4709
SSDEEP

98304:inZdKY36YYoagQPmG11j01gRf2JKEh9rOy4jibTnU:Gn5eKR2feHh9rl4+bT

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  65015577fd20bf4eb669d7fa864831bc
- Size
  
  3.3MB
- MD5
  
  65015577fd20bf4eb669d7fa864831bc
- SHA1
  
  7e1bd768b1bb0fbd117b332fe3138720b45a66c1
- SHA256
  
  c90b71ae305298e62357cedf8c5178d8fd636927581d3dd66fe5e4d3eca0efdf
- SHA512
  
  d276d905b0ebac9350a3f847bb47140bd24d15e88cb49970bea09679df5dfcabb3f042b8339b1fcb13a33d208321c779613ce0c856614cada6f0ff4de8db4709
- SSDEEP
  
  98304:inZdKY36YYoagQPmG11j01gRf2JKEh9rOy4jibTnU:Gn5eKR2feHh9rl4+bT
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2