7dc0bb13db44dfc8b8e736a68aee390493215917a64f7ad39bf686ddd1e6b4a3 | Triage

Sharing

General

Target

642cf5f32f446f421f5de6ae966d796f
Size

46KB
Sample

240118-cbcsxabbe8
MD5

642cf5f32f446f421f5de6ae966d796f
SHA1

de14ad5df5ec453540a0846fe44381900a1cb213
SHA256

7dc0bb13db44dfc8b8e736a68aee390493215917a64f7ad39bf686ddd1e6b4a3
SHA512

a1800b4c1ec95aa7853032b26e934505a14f4cc40a0fbc161ffcc35c4fd7e6e01dce9e23a50981e8ceae13a6550bbac85b4917e9d5beb1f28db9af1491825eed
SSDEEP

384:Uif6xymxRc3zENoQ0gTFA/oIR9XqCgdIY0f0gV:Ui/oRc3oOQ0gT+oE96p6rbV

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  642cf5f32f446f421f5de6ae966d796f
- Size
  
  46KB
- MD5
  
  642cf5f32f446f421f5de6ae966d796f
- SHA1
  
  de14ad5df5ec453540a0846fe44381900a1cb213
- SHA256
  
  7dc0bb13db44dfc8b8e736a68aee390493215917a64f7ad39bf686ddd1e6b4a3
- SHA512
  
  a1800b4c1ec95aa7853032b26e934505a14f4cc40a0fbc161ffcc35c4fd7e6e01dce9e23a50981e8ceae13a6550bbac85b4917e9d5beb1f28db9af1491825eed
- SSDEEP
  
  384:Uif6xymxRc3zENoQ0gTFA/oIR9XqCgdIY0f0gV:Ui/oRc3oOQ0gT+oE96p6rbV
Score

7^/10

spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2