0571c553da0617ae9f0473601281871a1d4fc562effc20ac0a988545db763ab9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4df9063fbcb8b26213a3d1d62f83d511
Size

1.8MB
Sample

240109-lld86addhl
MD5

4df9063fbcb8b26213a3d1d62f83d511
SHA1

713f316dc081b38093bf50ad24c22bed47f8383b
SHA256

0571c553da0617ae9f0473601281871a1d4fc562effc20ac0a988545db763ab9
SHA512

ef47eb5dd3909a38df1d5b9df0b3ee404eb9e4d1cc3ade6df999080cde947d7eb93e88070041821a95d2d94c31e002849b86707b455cb1af72616e984373e9f1
SSDEEP

49152:Lv/ED0AXiq+OlhTkrE3dQ0DWk6b8KnyDogsGjafjywC+vM:LMD0AXiq75kreMIKnyDogshfj

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  4df9063fbcb8b26213a3d1d62f83d511
- Size
  
  1.8MB
- MD5
  
  4df9063fbcb8b26213a3d1d62f83d511
- SHA1
  
  713f316dc081b38093bf50ad24c22bed47f8383b
- SHA256
  
  0571c553da0617ae9f0473601281871a1d4fc562effc20ac0a988545db763ab9
- SHA512
  
  ef47eb5dd3909a38df1d5b9df0b3ee404eb9e4d1cc3ade6df999080cde947d7eb93e88070041821a95d2d94c31e002849b86707b455cb1af72616e984373e9f1
- SSDEEP
  
  49152:Lv/ED0AXiq+OlhTkrE3dQ0DWk6b8KnyDogsGjafjywC+vM:LMD0AXiq75kreMIKnyDogshfj
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2