d83ad9ad4c64b9dd4c9c4f9f16a9605fc12e947d29e999c119cbee68955b356e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d83ad9ad4c64b9dd4c9c4f9f16a9605fc12e947d29e999c119cbee68955b356e
Size

2.7MB
Sample

240313-ypme6agg78
MD5

8db2496dc9d088875d00f1641ea4b1ac
SHA1

97ad5f52ad6feae8774c9d574ea71c3ab6a05805
SHA256

d83ad9ad4c64b9dd4c9c4f9f16a9605fc12e947d29e999c119cbee68955b356e
SHA512

28a7845bdc864f307d1d2d3e7598a9c183bb3673672b95f0bd3eabd4ecfb6fcc7826fd9ca812b72731defccb8b9ee673fb0b9bfb06975c7e38dba0fa2ed6166c
SSDEEP

49152:wynK2mUoQFuSCidUatqbkKjb4AmdjSjhTSGIo8Y70ttt9r+3v43/KKwNRFKH4umD:LnKsFrdJtqb3Zmdm2tn9rsv4vKKwNRFr

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  d83ad9ad4c64b9dd4c9c4f9f16a9605fc12e947d29e999c119cbee68955b356e
- Size
  
  2.7MB
- MD5
  
  8db2496dc9d088875d00f1641ea4b1ac
- SHA1
  
  97ad5f52ad6feae8774c9d574ea71c3ab6a05805
- SHA256
  
  d83ad9ad4c64b9dd4c9c4f9f16a9605fc12e947d29e999c119cbee68955b356e
- SHA512
  
  28a7845bdc864f307d1d2d3e7598a9c183bb3673672b95f0bd3eabd4ecfb6fcc7826fd9ca812b72731defccb8b9ee673fb0b9bfb06975c7e38dba0fa2ed6166c
- SSDEEP
  
  49152:wynK2mUoQFuSCidUatqbkKjb4AmdjSjhTSGIo8Y70ttt9r+3v43/KKwNRFKH4umD:LnKsFrdJtqb3Zmdm2tn9rsv4vKKwNRFr
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2