63f39c2be1d5b1376d350682543f2fe63e5060edaab3ba4a6e4b33c80142eab6 | Triage

Sharing

General

Target

733758b4dc495fc5b51ffd41e7b56348
Size

401KB
Sample

240125-advemabgh4
MD5

733758b4dc495fc5b51ffd41e7b56348
SHA1

cf6cf15df13aff9217e38e9e67d47db19234fa31
SHA256

63f39c2be1d5b1376d350682543f2fe63e5060edaab3ba4a6e4b33c80142eab6
SHA512

476ddf6d1b4aa1f950481c529ef960aef7e1290a228c39d3996f5e048b23ca223e746e07811663776866377a36e5e79e287e1d5ad0c1ac10db77b7b448c363b2
SSDEEP

12288:u/XM4DShe9EcHPLrLZ5AICgkTP3/GHzpE3F:+M4DSs9FvzAICgkTGTu1

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  733758b4dc495fc5b51ffd41e7b56348
- Size
  
  401KB
- MD5
  
  733758b4dc495fc5b51ffd41e7b56348
- SHA1
  
  cf6cf15df13aff9217e38e9e67d47db19234fa31
- SHA256
  
  63f39c2be1d5b1376d350682543f2fe63e5060edaab3ba4a6e4b33c80142eab6
- SHA512
  
  476ddf6d1b4aa1f950481c529ef960aef7e1290a228c39d3996f5e048b23ca223e746e07811663776866377a36e5e79e287e1d5ad0c1ac10db77b7b448c363b2
- SSDEEP
  
  12288:u/XM4DShe9EcHPLrLZ5AICgkTP3/GHzpE3F:+M4DSs9FvzAICgkTGTu1
Score

7^/10

spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2