644ba316e402faf534a3feb88d6da4ab3299dd337d961fe961f0e89c608e0362 | Triage

Sharing

General

Target

885186e0a72510f6888e8ca1780f3c5d
Size

114KB
Sample

240202-cz16eaebal
MD5

885186e0a72510f6888e8ca1780f3c5d
SHA1

57dc5452bd6fdc67e8177a92c8cf6b39722d32a6
SHA256

644ba316e402faf534a3feb88d6da4ab3299dd337d961fe961f0e89c608e0362
SHA512

d2da6a6f8a09367e9b08f186ca8546c19a676938951df9ef79663d135cc425b6d2d8295cdd38a7603e426958320836258a6fc28cdad5868756b8d4ed02f60cd4
SSDEEP

1536:TeqejnOkp/2d3C24gJdJp+c2vOUHkrxbBgJiKLDVOpJrnzqYoEZnx3kWGM3SnC6D:TnejnOk/OPpeOUHygBUvZ6WPkVB

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  885186e0a72510f6888e8ca1780f3c5d
- Size
  
  114KB
- MD5
  
  885186e0a72510f6888e8ca1780f3c5d
- SHA1
  
  57dc5452bd6fdc67e8177a92c8cf6b39722d32a6
- SHA256
  
  644ba316e402faf534a3feb88d6da4ab3299dd337d961fe961f0e89c608e0362
- SHA512
  
  d2da6a6f8a09367e9b08f186ca8546c19a676938951df9ef79663d135cc425b6d2d8295cdd38a7603e426958320836258a6fc28cdad5868756b8d4ed02f60cd4
- SSDEEP
  
  1536:TeqejnOkp/2d3C24gJdJp+c2vOUHkrxbBgJiKLDVOpJrnzqYoEZnx3kWGM3SnC6D:TnejnOk/OPpeOUHygBUvZ6WPkVB
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2