5ac527544fb1c8284eeda71903e166579c76ac09d67766fb93ebad7aa7c96846 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f33a59ec1a55cbbab76fa715b15e4a1
Size

784KB
Sample

231226-pv8e5sceek
MD5

6f33a59ec1a55cbbab76fa715b15e4a1
SHA1

2501075d4231dae639ad4dd104d7fa4233275e06
SHA256

5ac527544fb1c8284eeda71903e166579c76ac09d67766fb93ebad7aa7c96846
SHA512

8d075240655773200aeb8f4e7222fa66b3abe2d1011d8be1b210d8cf53198b64a3971d05f10d0ce013a3292f4515fbb05251e75073d84294ed99a2410a1b169e
SSDEEP

24576:cA7RMJ6Lb4h+6MoF9bVN4B/C4gdcYUf6qGlMlWWdRNg0q3:cA7RMofn6MC9j4huv46qGlMlWWGl

Score

7^/10

discovery persistence spyware stealer upx

Malware Config

Targets

- Target
  
  6f33a59ec1a55cbbab76fa715b15e4a1
- Size
  
  784KB
- MD5
  
  6f33a59ec1a55cbbab76fa715b15e4a1
- SHA1
  
  2501075d4231dae639ad4dd104d7fa4233275e06
- SHA256
  
  5ac527544fb1c8284eeda71903e166579c76ac09d67766fb93ebad7aa7c96846
- SHA512
  
  8d075240655773200aeb8f4e7222fa66b3abe2d1011d8be1b210d8cf53198b64a3971d05f10d0ce013a3292f4515fbb05251e75073d84294ed99a2410a1b169e
- SSDEEP
  
  24576:cA7RMJ6Lb4h+6MoF9bVN4B/C4gdcYUf6qGlMlWWdRNg0q3:cA7RMofn6MC9j4huv46qGlMlWWGl
Score

7^/10

discovery persistence spyware stealer upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistencespywarestealerupx

behavioral2