2462bab518fe5cebef008cb12b44065348f9173df6bf4d9f80dfda82869575d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Sky_Beta.rar
Size

68.1MB
Sample

240211-rfekmagh4v
MD5

f9fe2939c1446fb5656df0e26893212d
SHA1

701fa00c83c2b2f5fab9b19e50a7f36f153df78d
SHA256

2462bab518fe5cebef008cb12b44065348f9173df6bf4d9f80dfda82869575d1
SHA512

9661a2666c6d675f80ba4b3b73fd281faf55461c1186925dfc9f8db29dd9598ae2aa0f3a57c9867331e40e76a037c342029570e3b7b96a0b9aaa157fb249458c
SSDEEP

1572864:jjddGv+xpU8juU0gnvID4NsehQ5A5GjnvyIgZGQVDk:XGvv86UDvzsehQCe9gZxk

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Sky Beta .exe
- Size
  
  68.1MB
- MD5
  
  eba2536c9fcc5ef3e490b7fa2ffc9a45
- SHA1
  
  5291bdcbbef4835fd63facffa0fd86881d9e054c
- SHA256
  
  0223d85eaf5cd5b188e61e9c99b62a9b5cfba4c5d2ed13576858b40327451ae7
- SHA512
  
  aa5b8168e77da5aa3f48aaea2b47381fad3855b7085f1b8931ab24741afe4dc76f70ce89665d74a4e60b3842aadc1acb49b3e412816458aa8d7b2edb6e7649a8
- SSDEEP
  
  1572864:2jddGv+xpU8juU0gnvID4NsehQ5A5GjnvyIgZGQVD7:qGvv86UDvzsehQCe9gZx7
Score

7^/10

spyware stealer
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  Sky Beta.exe
- Size
  
  152.7MB
- MD5
  
  82bba5f337a5441c52486c72dbe1ae91
- SHA1
  
  8e31ee0ec80cbf883b5ee945fed9b9e330407f5b
- SHA256
  
  28654e3b799752f56c9699d156c01f21dbbe598058ba52e9b8f876a0e7c8ce09
- SHA512
  
  16300c7c590145f9da4b8c06b6efe1be77a3ba037234d4de8fae3586c9453698596f6fa2e0600a171d0512a9b9b28dfbe55d27bffafe673e4c8afcbfb12660e7
- SSDEEP
  
  1572864:qLBZB52nvuZ7wVuMbgR7Sp6kYdEctmhoLsPagBsgkx52HYhwj+vfIBUdoJnP9Dj0:qypCmJctBjj2+Jv
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral5 behavioral6 behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8