bd256b2fda4e2ea67174bfb888f10526122ebc2a6a7bc22fed400f2134a30459 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a85331395ef2b0aa8903b013dbf88da
Size

105KB
Sample

240202-zs3f8ahffm
MD5

8a85331395ef2b0aa8903b013dbf88da
SHA1

bb1149483e09cfe8b17c7c1859fea46561e0cd3e
SHA256

bd256b2fda4e2ea67174bfb888f10526122ebc2a6a7bc22fed400f2134a30459
SHA512

39dfd5c760b6359bf9ee776cab81ff8f6c381518aa9bb41206ace53244e87405ab5ecab2c765048a89452b55c4608b1f310160b0f4defe1a9b14a14dd137cbfc
SSDEEP

3072:fUaktPyvwhs7gwu3vuOfQ8+OgBgMVKmRuqBPpbQ:fvkCwmMwu3vjQ5Hg0K/qBPpb

Score

7^/10

persistence spyware stealer upx

Malware Config

Targets

- Target
  
  8a85331395ef2b0aa8903b013dbf88da
- Size
  
  105KB
- MD5
  
  8a85331395ef2b0aa8903b013dbf88da
- SHA1
  
  bb1149483e09cfe8b17c7c1859fea46561e0cd3e
- SHA256
  
  bd256b2fda4e2ea67174bfb888f10526122ebc2a6a7bc22fed400f2134a30459
- SHA512
  
  39dfd5c760b6359bf9ee776cab81ff8f6c381518aa9bb41206ace53244e87405ab5ecab2c765048a89452b55c4608b1f310160b0f4defe1a9b14a14dd137cbfc
- SSDEEP
  
  3072:fUaktPyvwhs7gwu3vuOfQ8+OgBgMVKmRuqBPpbQ:fvkCwmMwu3vjQ5Hg0K/qBPpb
Score

7^/10

persistence spyware stealer upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealerupx

behavioral2