cff6dee990afb8f216b278894e4dabc7936d0b7bc2a14c37fa5b3ee165269bdf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e6dba83b8efb496a3e64a0bdbd083fb
Size

372KB
Sample

240204-g2f1gadfbp
MD5

8e6dba83b8efb496a3e64a0bdbd083fb
SHA1

977d80b2b7864da83ce9fb91b78dbad9d7bd0a67
SHA256

cff6dee990afb8f216b278894e4dabc7936d0b7bc2a14c37fa5b3ee165269bdf
SHA512

38a810371b25816192b7b83e20ce90ce9b1b4db2eebd14e10ccf3c4ba2363762f2755774845db065c762195ed3156d88365fbaf205503dc295ef7243dbecea12
SSDEEP

6144:1/T3zd9AVAixibDqwbKhqjX9kjeKHYFqoECLrLnZF7tGUP+BgkTbXD/3/:1/XM4DShe9EcHPLrLZ5AICgkTP3/

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  8e6dba83b8efb496a3e64a0bdbd083fb
- Size
  
  372KB
- MD5
  
  8e6dba83b8efb496a3e64a0bdbd083fb
- SHA1
  
  977d80b2b7864da83ce9fb91b78dbad9d7bd0a67
- SHA256
  
  cff6dee990afb8f216b278894e4dabc7936d0b7bc2a14c37fa5b3ee165269bdf
- SHA512
  
  38a810371b25816192b7b83e20ce90ce9b1b4db2eebd14e10ccf3c4ba2363762f2755774845db065c762195ed3156d88365fbaf205503dc295ef7243dbecea12
- SSDEEP
  
  6144:1/T3zd9AVAixibDqwbKhqjX9kjeKHYFqoECLrLnZF7tGUP+BgkTbXD/3/:1/XM4DShe9EcHPLrLZ5AICgkTP3/
Score

7^/10

spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2