e78859d0bd412b5f77d5e98fbd9674417645a04d5032e149715840682526e70f | Triage

Sharing

General

Target

5abdf53c7079848311d96eb4f805abe2
Size

645KB
Sample

240114-j439wsfge5
MD5

5abdf53c7079848311d96eb4f805abe2
SHA1

f0c8d3fef9064ac94e3ce98139baf594a1e0a623
SHA256

e78859d0bd412b5f77d5e98fbd9674417645a04d5032e149715840682526e70f
SHA512

45023d96f23087e683907cf6dc3231a84e4679fb7220ebf1efff891162969c5721318ba2a4aace94bb1331e8d8fd7087eef58fafdf905339f80159ecb981f773
SSDEEP

12288:TKuqr9cjVMTww0w7C6Vkueirq0NhFZVZA85VXHVj7y:TKv92Vn+TeAq0JZX5VXH9+

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  5abdf53c7079848311d96eb4f805abe2
- Size
  
  645KB
- MD5
  
  5abdf53c7079848311d96eb4f805abe2
- SHA1
  
  f0c8d3fef9064ac94e3ce98139baf594a1e0a623
- SHA256
  
  e78859d0bd412b5f77d5e98fbd9674417645a04d5032e149715840682526e70f
- SHA512
  
  45023d96f23087e683907cf6dc3231a84e4679fb7220ebf1efff891162969c5721318ba2a4aace94bb1331e8d8fd7087eef58fafdf905339f80159ecb981f773
- SSDEEP
  
  12288:TKuqr9cjVMTww0w7C6Vkueirq0NhFZVZA85VXHVj7y:TKv92Vn+TeAq0JZX5VXH9+
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2