8d0847db5692db038ab74292beeb674eef08640f57f0ed9da538bbc4846ecf59 | Triage

Sharing

General

Target

8d0847db5692db038ab74292beeb674eef08640f57f0ed9da538bbc4846ecf59
Size

71KB
Sample

240307-125tdafc88
MD5

15edbc801c9ea1019a3e56d52ae6a3b6
SHA1

12ac5056a8e1c7beb4c8cd467652db896f04e136
SHA256

8d0847db5692db038ab74292beeb674eef08640f57f0ed9da538bbc4846ecf59
SHA512

f7d7fc889d9f86309758fe268c467f9b20e402f704030d230a9dc6d101d4045f361c207c87f3bbc2e141cfe25b11d11c248ea08cbb8cd61635bb18a92ecdddec
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTE:ZhpAyazIlyazTE

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  8d0847db5692db038ab74292beeb674eef08640f57f0ed9da538bbc4846ecf59
- Size
  
  71KB
- MD5
  
  15edbc801c9ea1019a3e56d52ae6a3b6
- SHA1
  
  12ac5056a8e1c7beb4c8cd467652db896f04e136
- SHA256
  
  8d0847db5692db038ab74292beeb674eef08640f57f0ed9da538bbc4846ecf59
- SHA512
  
  f7d7fc889d9f86309758fe268c467f9b20e402f704030d230a9dc6d101d4045f361c207c87f3bbc2e141cfe25b11d11c248ea08cbb8cd61635bb18a92ecdddec
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTE:ZhpAyazIlyazTE
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer