a67bd7b710680b7fdb62fa156c77fabfd71b6344ea9e9238c0057622a2ca1ced | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a67bd7b710680b7fdb62fa156c77fabfd71b6344ea9e9238c0057622a2ca1ced
Size

1.8MB
Sample

240314-jwhyzsgf55
MD5

2902a70a582b6d3464d130a14b20c1b9
SHA1

2acb1356f2e93ea040f109b7c1875730693789fa
SHA256

a67bd7b710680b7fdb62fa156c77fabfd71b6344ea9e9238c0057622a2ca1ced
SHA512

51f84605c76ba82386762a46e858fdf0fb91c7a37bb1a61886da4ff61218a7b9a04d1857579fdb114aba8dc27c81dd20d96ea98864ee37b4c4b795c493406a1b
SSDEEP

49152:dx5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAQaB0zj0yjoB2:dvbjVkjjCAzJGB2Yyjl

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  a67bd7b710680b7fdb62fa156c77fabfd71b6344ea9e9238c0057622a2ca1ced
- Size
  
  1.8MB
- MD5
  
  2902a70a582b6d3464d130a14b20c1b9
- SHA1
  
  2acb1356f2e93ea040f109b7c1875730693789fa
- SHA256
  
  a67bd7b710680b7fdb62fa156c77fabfd71b6344ea9e9238c0057622a2ca1ced
- SHA512
  
  51f84605c76ba82386762a46e858fdf0fb91c7a37bb1a61886da4ff61218a7b9a04d1857579fdb114aba8dc27c81dd20d96ea98864ee37b4c4b795c493406a1b
- SSDEEP
  
  49152:dx5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAQaB0zj0yjoB2:dvbjVkjjCAzJGB2Yyjl
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2