c34b97d632de9be43fac9937b370b49a26b7e420786e3f83901457bda63f5259 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

548394bfc7149bdf27fd91075bee48f7
Size

124KB
Sample

240111-zb8lxaghh8
MD5

548394bfc7149bdf27fd91075bee48f7
SHA1

9bb1e8a77e5d05f5259e6dba2c640d0373272036
SHA256

c34b97d632de9be43fac9937b370b49a26b7e420786e3f83901457bda63f5259
SHA512

188f9a9d77ab724511f367e3edeebabea259b2fd6c455c2cd202cd185518a0ba0ab2d0b84aad5c982d53d5f3ae94c99843ad7fcd7a1f4c47c41b703ac4053d3e
SSDEEP

3072:jLsALYwil+Jfw99DjPdyTfXHziqNz6yMVWtZd:nRpVw9qPdNz6TVEZ

Score

7^/10

persistence spyware stealer upx

Malware Config

Targets

- Target
  
  548394bfc7149bdf27fd91075bee48f7
- Size
  
  124KB
- MD5
  
  548394bfc7149bdf27fd91075bee48f7
- SHA1
  
  9bb1e8a77e5d05f5259e6dba2c640d0373272036
- SHA256
  
  c34b97d632de9be43fac9937b370b49a26b7e420786e3f83901457bda63f5259
- SHA512
  
  188f9a9d77ab724511f367e3edeebabea259b2fd6c455c2cd202cd185518a0ba0ab2d0b84aad5c982d53d5f3ae94c99843ad7fcd7a1f4c47c41b703ac4053d3e
- SSDEEP
  
  3072:jLsALYwil+Jfw99DjPdyTfXHziqNz6yMVWtZd:nRpVw9qPdNz6TVEZ
Score

7^/10

persistence spyware stealer upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealerupx

behavioral2