cf9f6c2c07b73a1a02de7c5fc9e4ae675e122ccf35db8ab13dff6b53067a94b6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf9f6c2c07b73a1a02de7c5fc9e4ae675e122ccf35db8ab13dff6b53067a94b6
Size

706KB
Sample

240311-djdwlsag34
MD5

c8b34d26726d48210ee5c90fd23f4d5d
SHA1

b1f69cdc0bba7a423fad301f2b677e5424bc5a6d
SHA256

cf9f6c2c07b73a1a02de7c5fc9e4ae675e122ccf35db8ab13dff6b53067a94b6
SHA512

5c4f961714267151780194a8475b2ce94af22ce2b39ee035c29552bf2260cc9a0d8dd9c669bce9fc16f6e55b3269b6f3b67c9b1416041041e1bd389a2a147d33
SSDEEP

12288:zWiB+tjFCrNDFKYmKIiirRGW2phzrvXuayM1J3AAlrAf0d83QC0OXxcpGHMki:zWiBw8NDFKYmKOF0zr31JwAlcR3QC0O3

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  cf9f6c2c07b73a1a02de7c5fc9e4ae675e122ccf35db8ab13dff6b53067a94b6
- Size
  
  706KB
- MD5
  
  c8b34d26726d48210ee5c90fd23f4d5d
- SHA1
  
  b1f69cdc0bba7a423fad301f2b677e5424bc5a6d
- SHA256
  
  cf9f6c2c07b73a1a02de7c5fc9e4ae675e122ccf35db8ab13dff6b53067a94b6
- SHA512
  
  5c4f961714267151780194a8475b2ce94af22ce2b39ee035c29552bf2260cc9a0d8dd9c669bce9fc16f6e55b3269b6f3b67c9b1416041041e1bd389a2a147d33
- SSDEEP
  
  12288:zWiB+tjFCrNDFKYmKIiirRGW2phzrvXuayM1J3AAlrAf0d83QC0OXxcpGHMki:zWiBw8NDFKYmKOF0zr31JwAlcR3QC0O3
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2