fca1017b14dae98b0d712e6411b3234ea3eea259897305ae1c7bf991b7a86d2f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

679fc80b9d5dc74d988c9385ddaa1f89
Size

1.6MB
Sample

231226-ml7fdafdgk
MD5

679fc80b9d5dc74d988c9385ddaa1f89
SHA1

0dbd8b3d48c7f2658b13f41cccc174e15d6e5ac4
SHA256

fca1017b14dae98b0d712e6411b3234ea3eea259897305ae1c7bf991b7a86d2f
SHA512

f6c0b380d1074d805c387a2f7f53488d6373267db55b3652203a1e77ef39f6b9de76b2dd4204e4fd14301b0b7bb37875e5f824405def23e962f7a90ecb222e41
SSDEEP

49152:1/fwUdoP8/QnXQLqs4CEgHhAWkf6tvk4TXvry:1wUdd/0ALq+O6tcJ

Score

7^/10

evasion spyware stealer trojan

Malware Config

Targets

- Target
  
  679fc80b9d5dc74d988c9385ddaa1f89
- Size
  
  1.6MB
- MD5
  
  679fc80b9d5dc74d988c9385ddaa1f89
- SHA1
  
  0dbd8b3d48c7f2658b13f41cccc174e15d6e5ac4
- SHA256
  
  fca1017b14dae98b0d712e6411b3234ea3eea259897305ae1c7bf991b7a86d2f
- SHA512
  
  f6c0b380d1074d805c387a2f7f53488d6373267db55b3652203a1e77ef39f6b9de76b2dd4204e4fd14301b0b7bb37875e5f824405def23e962f7a90ecb222e41
- SSDEEP
  
  49152:1/fwUdoP8/QnXQLqs4CEgHhAWkf6tvk4TXvry:1wUdd/0ALq+O6tcJ
Score

7^/10

evasion spyware stealer trojan
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionspywarestealertrojan

behavioral2