a70a00f66d825a0696cf21349daae82c59b77bff12586b61a859519b1b7304b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72abc5d7e2ea252ed827e2a5c3fbd6b9
Size

11KB
Sample

240124-whkxmsehbp
MD5

72abc5d7e2ea252ed827e2a5c3fbd6b9
SHA1

38802c9bd1f19c54be4a70e45f4f2a315b9c9099
SHA256

a70a00f66d825a0696cf21349daae82c59b77bff12586b61a859519b1b7304b8
SHA512

139b886c32b8eac57ddc5f26cf1dd3e5d50debdd938d042ede6ef7448bf51f93aa00833ffc56b75e89f8903f38ae9013aba70a43c660be0ace3c6a2ba02e8f82
SSDEEP

192:ItlG7QATxBYW/03VfZq4TTQYqZIMCZ7ai9Abe:2Q5jYJDq4TTQYqSZ79i

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  72abc5d7e2ea252ed827e2a5c3fbd6b9
- Size
  
  11KB
- MD5
  
  72abc5d7e2ea252ed827e2a5c3fbd6b9
- SHA1
  
  38802c9bd1f19c54be4a70e45f4f2a315b9c9099
- SHA256
  
  a70a00f66d825a0696cf21349daae82c59b77bff12586b61a859519b1b7304b8
- SHA512
  
  139b886c32b8eac57ddc5f26cf1dd3e5d50debdd938d042ede6ef7448bf51f93aa00833ffc56b75e89f8903f38ae9013aba70a43c660be0ace3c6a2ba02e8f82
- SSDEEP
  
  192:ItlG7QATxBYW/03VfZq4TTQYqZIMCZ7ai9Abe:2Q5jYJDq4TTQYqSZ79i
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2