5f2acff200b7ee5d7399dfbcdc97ce2a3db16e09eb290fbb1777211341c0b75b | Triage

Sharing

General

Target

5f2acff200b7ee5d7399dfbcdc97ce2a3db16e09eb290fbb1777211341c0b75b
Size

1.8MB
Sample

240122-3jmaesdher
MD5

9eadf3d06986955f12fdf60c3229ceec
SHA1

c81189f52c0a94bae3bb3fa8d9a1f35b6fcdfe70
SHA256

5f2acff200b7ee5d7399dfbcdc97ce2a3db16e09eb290fbb1777211341c0b75b
SHA512

17478f0a292c82aed8fbf6a35dda1da63b671d19805a781d0901be5e13d3594f5922dc79f8fa3bd42db789ce35534f438ec9699b1d0e228e2d98e5b32c742bfe
SSDEEP

49152:Tx5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAeaB0zj0yjoB2:TvbjVkjjCAzJAB2Yyjl

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  5f2acff200b7ee5d7399dfbcdc97ce2a3db16e09eb290fbb1777211341c0b75b
- Size
  
  1.8MB
- MD5
  
  9eadf3d06986955f12fdf60c3229ceec
- SHA1
  
  c81189f52c0a94bae3bb3fa8d9a1f35b6fcdfe70
- SHA256
  
  5f2acff200b7ee5d7399dfbcdc97ce2a3db16e09eb290fbb1777211341c0b75b
- SHA512
  
  17478f0a292c82aed8fbf6a35dda1da63b671d19805a781d0901be5e13d3594f5922dc79f8fa3bd42db789ce35534f438ec9699b1d0e228e2d98e5b32c742bfe
- SSDEEP
  
  49152:Tx5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAeaB0zj0yjoB2:TvbjVkjjCAzJAB2Yyjl
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2