e4d9d93d7d0bd77e9ab712b36cbe40e0a33ac158d0177527a55006222349c577 | Triage

Sharing

General

Target

6480943af07e313616aabe21c5305eaf
Size

3.7MB
Sample

240118-fdvy2schfn
MD5

6480943af07e313616aabe21c5305eaf
SHA1

27455fefee28582558e8fa436a466484d1c7d632
SHA256

e4d9d93d7d0bd77e9ab712b36cbe40e0a33ac158d0177527a55006222349c577
SHA512

c539d686a7075cbb380334c2f1b72a037302fca9fc871fac1581995eb9631ae214a6ce18052d8d5c5c6ed8f79eb9bb7fe359275e34a9c87e87892706042c5368
SSDEEP

98304:F2m4OyJ8X/ND+aTGQQ4BSLWCilhsiL3KG4oi:omHQaT7jS6CibCG4

Score

7^/10

evasion spyware stealer trojan

Malware Config

Targets

- Target
  
  6480943af07e313616aabe21c5305eaf
- Size
  
  3.7MB
- MD5
  
  6480943af07e313616aabe21c5305eaf
- SHA1
  
  27455fefee28582558e8fa436a466484d1c7d632
- SHA256
  
  e4d9d93d7d0bd77e9ab712b36cbe40e0a33ac158d0177527a55006222349c577
- SHA512
  
  c539d686a7075cbb380334c2f1b72a037302fca9fc871fac1581995eb9631ae214a6ce18052d8d5c5c6ed8f79eb9bb7fe359275e34a9c87e87892706042c5368
- SSDEEP
  
  98304:F2m4OyJ8X/ND+aTGQQ4BSLWCilhsiL3KG4oi:omHQaT7jS6CibCG4
Score

7^/10

evasion spyware stealer trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionspywarestealertrojan

behavioral2

evasionspywarestealertrojan