77f29910e8884fd2951ad8d6642bf281cf8a2c27192e6b71b2187c2e6d326774 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20aac142a7de6235c4daf4324b6df7b4
Size

13KB
Sample

231230-3wnn1saea7
MD5

20aac142a7de6235c4daf4324b6df7b4
SHA1

6990054aaf0a578b41eae2b258c6097d083b1ef4
SHA256

77f29910e8884fd2951ad8d6642bf281cf8a2c27192e6b71b2187c2e6d326774
SHA512

491efe24ea9a16878705ccd216ea13d469ec5e9220725de5eaf6df5fb9ace0ffec4c90709438c55c745dc71f8f11cd17ad1393614a5c284bc21b84f58cb26072
SSDEEP

192:UnXTyU+wT2qSlKrgTZQPEjnY3+3DafBmd0UQ7RK7+QIw6cVo:UXMA2qSTQPYnu+3fuFRLQz

Score

8^/10

evasion spyware stealer upx

Malware Config

Targets

- Target
  
  20aac142a7de6235c4daf4324b6df7b4
- Size
  
  13KB
- MD5
  
  20aac142a7de6235c4daf4324b6df7b4
- SHA1
  
  6990054aaf0a578b41eae2b258c6097d083b1ef4
- SHA256
  
  77f29910e8884fd2951ad8d6642bf281cf8a2c27192e6b71b2187c2e6d326774
- SHA512
  
  491efe24ea9a16878705ccd216ea13d469ec5e9220725de5eaf6df5fb9ace0ffec4c90709438c55c745dc71f8f11cd17ad1393614a5c284bc21b84f58cb26072
- SSDEEP
  
  192:UnXTyU+wT2qSlKrgTZQPEjnY3+3DafBmd0UQ7RK7+QIw6cVo:UXMA2qSTQPYnu+3fuFRLQz
Score

8^/10

evasion spyware stealer upx
- Stops running service(s)
  evasion
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionspywarestealerupx

behavioral2

evasionspywarestealerupx