44817271df4ce23bc243e487d526316519b12aa8ee79db42ad1fa1d94d02e9f1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44817271df4ce23bc243e487d526316519b12aa8ee79db42ad1fa1d94d02e9f1
Size

1.8MB
Sample

240129-kfj2safchl
MD5

81696d6d34aa63b9fb31a2672175701b
SHA1

33bf655fd580655aa1fbdfc5d743210043446e32
SHA256

44817271df4ce23bc243e487d526316519b12aa8ee79db42ad1fa1d94d02e9f1
SHA512

b2d1fddfbd14890bf1b1e9aa51838b8ed9e06eeb45b1f20b7fc8d2aa50019ca9a7534993256cdfcd1a0032274742536b83903ccf2de762228f3522787e37be1c
SSDEEP

49152:dx5SUW/cxUitIGLsF0nb+tJVYleAMz77+WA2ErvL73RLSo+2fhl:dvbjVkjjCAzJ2rvvRe12fD

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  44817271df4ce23bc243e487d526316519b12aa8ee79db42ad1fa1d94d02e9f1
- Size
  
  1.8MB
- MD5
  
  81696d6d34aa63b9fb31a2672175701b
- SHA1
  
  33bf655fd580655aa1fbdfc5d743210043446e32
- SHA256
  
  44817271df4ce23bc243e487d526316519b12aa8ee79db42ad1fa1d94d02e9f1
- SHA512
  
  b2d1fddfbd14890bf1b1e9aa51838b8ed9e06eeb45b1f20b7fc8d2aa50019ca9a7534993256cdfcd1a0032274742536b83903ccf2de762228f3522787e37be1c
- SSDEEP
  
  49152:dx5SUW/cxUitIGLsF0nb+tJVYleAMz77+WA2ErvL73RLSo+2fhl:dvbjVkjjCAzJ2rvvRe12fD
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2