24bb624505c3bab08656b01272e944774de3b3d909479f6ac6bf606c2e82e455 | Triage

Sharing

General

Target

8638ce1953a8dafd2c31d337ed38d0e2
Size

620KB
Sample

240201-hmsldsffek
MD5

8638ce1953a8dafd2c31d337ed38d0e2
SHA1

a200670b0faf9f25d27dac436996627bfdf91f5a
SHA256

24bb624505c3bab08656b01272e944774de3b3d909479f6ac6bf606c2e82e455
SHA512

1770b8f60776489fdfe41ba51d785e5d335833b9c53ab34064b5f4208f791ca003c7dde3c7e58af2340a9efcd47795feb463033a68972db7fd7858dd7f841c45
SSDEEP

12288:bWOmu28vF+GAY8VNuDzxUziRhXy8s7Sty4+ITmrQXuylUuDfUGbnOWxoo/:u8tATUaWYGOQFl5Dcchok

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  8638ce1953a8dafd2c31d337ed38d0e2
- Size
  
  620KB
- MD5
  
  8638ce1953a8dafd2c31d337ed38d0e2
- SHA1
  
  a200670b0faf9f25d27dac436996627bfdf91f5a
- SHA256
  
  24bb624505c3bab08656b01272e944774de3b3d909479f6ac6bf606c2e82e455
- SHA512
  
  1770b8f60776489fdfe41ba51d785e5d335833b9c53ab34064b5f4208f791ca003c7dde3c7e58af2340a9efcd47795feb463033a68972db7fd7858dd7f841c45
- SSDEEP
  
  12288:bWOmu28vF+GAY8VNuDzxUziRhXy8s7Sty4+ITmrQXuylUuDfUGbnOWxoo/:u8tATUaWYGOQFl5Dcchok
Score

7^/10

spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2