1386caa93a360624ba0e950c9f5544f80e0ca849c37ac68cdde2f869c24b6b43 | Triage

Sharing

General

Target

1386caa93a360624ba0e950c9f5544f80e0ca849c37ac68cdde2f869c24b6b43
Size

2.6MB
Sample

240225-bytjhaae9t
MD5

1e29f0d4f65a3d054aecd453b0ede908
SHA1

8aa6665022f965d095a1418e72ac2ce1e15b2fba
SHA256

1386caa93a360624ba0e950c9f5544f80e0ca849c37ac68cdde2f869c24b6b43
SHA512

62a37ba36eb0378d358818461ddf88f197e5c3fa55fd12065ac0e14ceb9b300db30173b7a745db4ff076be9f42abf1a735a84a7b6dedd741f599dda097bf0778
SSDEEP

49152:y+R25naFw0/Tw7d9hCeOE1qlfWyN+T14so9NtpOaVroSRxiJlPtz:y+zmCsqlfVBoFJjz

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  1386caa93a360624ba0e950c9f5544f80e0ca849c37ac68cdde2f869c24b6b43
- Size
  
  2.6MB
- MD5
  
  1e29f0d4f65a3d054aecd453b0ede908
- SHA1
  
  8aa6665022f965d095a1418e72ac2ce1e15b2fba
- SHA256
  
  1386caa93a360624ba0e950c9f5544f80e0ca849c37ac68cdde2f869c24b6b43
- SHA512
  
  62a37ba36eb0378d358818461ddf88f197e5c3fa55fd12065ac0e14ceb9b300db30173b7a745db4ff076be9f42abf1a735a84a7b6dedd741f599dda097bf0778
- SSDEEP
  
  49152:y+R25naFw0/Tw7d9hCeOE1qlfWyN+T14so9NtpOaVroSRxiJlPtz:y+zmCsqlfVBoFJjz
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2