ea7c5e1d9a28483eb6c085eb936f2f2adad6b0448abedc7266e249fed0d9c179 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea7c5e1d9a28483eb6c085eb936f2f2adad6b0448abedc7266e249fed0d9c179
Size

1.3MB
Sample

240104-bqeqdagee7
MD5

01ad99f08fdb4dd42784eff14471dc97
SHA1

523cfcf75dc1f60847fc0a05b4de69257fe864de
SHA256

ea7c5e1d9a28483eb6c085eb936f2f2adad6b0448abedc7266e249fed0d9c179
SHA512

a52f11602425bc03882c60f680b7f20a1286a8b99642a0f2fbc206559f422cc7404a2bfe78c82634881d558c84ae3028753bb6940786cf8b648dd7fb35d308b7
SSDEEP

12288:KE9B+VnGt/sB1KcYmqgZvAMlUoUjG+YKtMfnkOeZb5JYiNAgAPhs:KE9B7t/sBlDqgZQd6XKtiMJYiPUs

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  ea7c5e1d9a28483eb6c085eb936f2f2adad6b0448abedc7266e249fed0d9c179
- Size
  
  1.3MB
- MD5
  
  01ad99f08fdb4dd42784eff14471dc97
- SHA1
  
  523cfcf75dc1f60847fc0a05b4de69257fe864de
- SHA256
  
  ea7c5e1d9a28483eb6c085eb936f2f2adad6b0448abedc7266e249fed0d9c179
- SHA512
  
  a52f11602425bc03882c60f680b7f20a1286a8b99642a0f2fbc206559f422cc7404a2bfe78c82634881d558c84ae3028753bb6940786cf8b648dd7fb35d308b7
- SSDEEP
  
  12288:KE9B+VnGt/sB1KcYmqgZvAMlUoUjG+YKtMfnkOeZb5JYiNAgAPhs:KE9B7t/sBlDqgZQd6XKtiMJYiPUs
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2