43bbc3894e89014e018da12303824647970fa14510f646be7fefd038f2e38b96 | Triage

Sharing

General

Target

d6dcf2d24c2072c717b4297519e3ddc1
Size

301KB
Sample

240319-xkfw5scg7z
MD5

d6dcf2d24c2072c717b4297519e3ddc1
SHA1

0fc8e44680aa065bb38785095c4cdc9fe0009561
SHA256

43bbc3894e89014e018da12303824647970fa14510f646be7fefd038f2e38b96
SHA512

9f4a9349e4233774824fa8cb211f151f45d4ba9f4a18af03afc78d9954cc4bce05f7b43fae478aac7c388f0e75db046d4bf5909db46441b0d644a2cd2d5a1607
SSDEEP

6144:Nbsl3iKVPC/iLPryD1OEXErQTW5pcOQgCariiU+1UTa3os0:CgKpC/iLShXEkrjAeiTxS

Score

7^/10

adware spyware stealer

Malware Config

Targets

- Target
  
  Visualizar.exe
- Size
  
  380KB
- MD5
  
  a0499c528485f98d6f92a1d417abb9ec
- SHA1
  
  5143a1ed4ebd77f6c957def9a9967c353f8bce63
- SHA256
  
  1df1b7974395702532365b128b157c6f248baa1fce453b45772098aabd92a954
- SHA512
  
  2437fb42750182dfec70d6cba86053873abe29357749d3ab89f2e855fbb5734e16ce4d31e7b7cec22b5060cb677cbded78f777cdb006d405a0909b3945b1a227
- SSDEEP
  
  6144:Wifrt/9VPG/iLfryD12MXWrQhWXRcSQWCGrikUg1UTab7cwveEF6W6K1A:R/9pG/iLiPXWkjfmekHNcwveEF6WK
Score

7^/10

adware spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarespywarestealer

behavioral2

adwarespywarestealer