bbf75712ae4256d56c651b70de429f97b9e4022c00ce4e9d9c0fe3125092d419 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d7b66232ee9fe172787de31ccd12be1
Size

36KB
Sample

240109-gbsatahbdj
MD5

4d7b66232ee9fe172787de31ccd12be1
SHA1

ace607644c8b0cf16bd31ddb1b6fb9c632895554
SHA256

bbf75712ae4256d56c651b70de429f97b9e4022c00ce4e9d9c0fe3125092d419
SHA512

e50f8a7e8afd35184ef741b8f156161e6ecf5bdba7daebbedb0e65677ded392d732fd8ac7a01fbb23cdb62102f33d4d94607d54d56ad003538d896b00474fe9a
SSDEEP

384:SykJAVNp3F1ngrEmodobJLYlt1c/fOPr35w1jIWkDIHST7WUI:SyX3rTsLYv1c/fOShIvzf

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  4d7b66232ee9fe172787de31ccd12be1
- Size
  
  36KB
- MD5
  
  4d7b66232ee9fe172787de31ccd12be1
- SHA1
  
  ace607644c8b0cf16bd31ddb1b6fb9c632895554
- SHA256
  
  bbf75712ae4256d56c651b70de429f97b9e4022c00ce4e9d9c0fe3125092d419
- SHA512
  
  e50f8a7e8afd35184ef741b8f156161e6ecf5bdba7daebbedb0e65677ded392d732fd8ac7a01fbb23cdb62102f33d4d94607d54d56ad003538d896b00474fe9a
- SSDEEP
  
  384:SykJAVNp3F1ngrEmodobJLYlt1c/fOPr35w1jIWkDIHST7WUI:SyX3rTsLYv1c/fOShIvzf
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer