05d5981968d4e304db5f4bab87f59f92e6583344fcacef0abe04dec17cd7db3b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6c7c42ae1af69bf5603a814dee7b8e2
Size

184KB
Sample

240319-wrpxysaf76
MD5

d6c7c42ae1af69bf5603a814dee7b8e2
SHA1

6fb5fe525331d40f6728a474e58737f0519b7665
SHA256

05d5981968d4e304db5f4bab87f59f92e6583344fcacef0abe04dec17cd7db3b
SHA512

fa8b6e4126548fbaf4d2f90c7a2ff25b88144620dd2c2231faae72c721ea635e711c3321d4bb47bfbe5350c82896067cc8649be246a80e9633949b2d37389590
SSDEEP

3072:3vORVZplbAigdmTvOY17pvMrzyfLLAX+LaDIjiLMspceH8p0WtY:fORYiCYMQLLAX+LaMQ2HK

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  d6c7c42ae1af69bf5603a814dee7b8e2
- Size
  
  184KB
- MD5
  
  d6c7c42ae1af69bf5603a814dee7b8e2
- SHA1
  
  6fb5fe525331d40f6728a474e58737f0519b7665
- SHA256
  
  05d5981968d4e304db5f4bab87f59f92e6583344fcacef0abe04dec17cd7db3b
- SHA512
  
  fa8b6e4126548fbaf4d2f90c7a2ff25b88144620dd2c2231faae72c721ea635e711c3321d4bb47bfbe5350c82896067cc8649be246a80e9633949b2d37389590
- SSDEEP
  
  3072:3vORVZplbAigdmTvOY17pvMrzyfLLAX+LaDIjiLMspceH8p0WtY:fORYiCYMQLLAX+LaMQ2HK
Score

7^/10

discovery spyware stealer
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer