27f20d38364f02a196758383b005350d063efb2f49e9f7b4f8a3cd7bd43900f9 | Triage

Sharing

General

Target

89f292660c7c5740fd18f20a7beaf61e
Size

637KB
Sample

240202-tjzq3scccr
MD5

89f292660c7c5740fd18f20a7beaf61e
SHA1

934009a9bc2d76d0e9a976bd1aee84a517abc7f3
SHA256

27f20d38364f02a196758383b005350d063efb2f49e9f7b4f8a3cd7bd43900f9
SHA512

3cb87bea4c4fe4d3bbd633ddba303a14cc6d348e9382621094080adeedd2b9cab1e68b58a0c4add8fc37aee32d2f6ab18f03a1d7a3c52711a894b123132ddf22
SSDEEP

12288:2zKTBwOoP9oO6ZQTjwbkJPyXpJmuIwFPzk605Aky+oklRfg1JOpA0zvZ3:eoGPyRQXkkJaXrmu05Ak6MRoXyhB

Score

7^/10

persistence spyware stealer upx

Malware Config

Targets

- Target
  
  89f292660c7c5740fd18f20a7beaf61e
- Size
  
  637KB
- MD5
  
  89f292660c7c5740fd18f20a7beaf61e
- SHA1
  
  934009a9bc2d76d0e9a976bd1aee84a517abc7f3
- SHA256
  
  27f20d38364f02a196758383b005350d063efb2f49e9f7b4f8a3cd7bd43900f9
- SHA512
  
  3cb87bea4c4fe4d3bbd633ddba303a14cc6d348e9382621094080adeedd2b9cab1e68b58a0c4add8fc37aee32d2f6ab18f03a1d7a3c52711a894b123132ddf22
- SSDEEP
  
  12288:2zKTBwOoP9oO6ZQTjwbkJPyXpJmuIwFPzk605Aky+oklRfg1JOpA0zvZ3:eoGPyRQXkkJaXrmu05Ak6MRoXyhB
Score

7^/10

persistence spyware stealer upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealerupx

behavioral2