ccd1b73aa774e3deefb7672629099eec167b130521b9036b553af6e46ffdbe3f | Triage

Sharing

General

Target

DiscordSetup.exe
Size

94.6MB
Sample

240404-vypp4aeb24
MD5

c08f6fd1027cf7216bf6a4bb94a7e54a
SHA1

83f3d43ddcbe887144ad804bec9527bc36b56b49
SHA256

ccd1b73aa774e3deefb7672629099eec167b130521b9036b553af6e46ffdbe3f
SHA512

2f9f6b61750bdc95df74efcd735cf4696a23dab40b1fb0c799a0ba5fc02a08610c0925c3710cd70a99bf9a0a09e69fb934a80c3dd5e773d50ae9598d169fb06b
SSDEEP

1572864:hYLmKqR1jtc9bcgQxZYuxsQZonARqnz2a/XmC+fpjPkkyuJzI886/GJ+5lGoHGw:hYLmKYc9beZFh8z7/2xPW6+c7G2Gw

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  DiscordSetup.exe
- Size
  
  94.6MB
- MD5
  
  c08f6fd1027cf7216bf6a4bb94a7e54a
- SHA1
  
  83f3d43ddcbe887144ad804bec9527bc36b56b49
- SHA256
  
  ccd1b73aa774e3deefb7672629099eec167b130521b9036b553af6e46ffdbe3f
- SHA512
  
  2f9f6b61750bdc95df74efcd735cf4696a23dab40b1fb0c799a0ba5fc02a08610c0925c3710cd70a99bf9a0a09e69fb934a80c3dd5e773d50ae9598d169fb06b
- SSDEEP
  
  1572864:hYLmKqR1jtc9bcgQxZYuxsQZonARqnz2a/XmC+fpjPkkyuJzI886/GJ+5lGoHGw:hYLmKYc9beZFh8z7/2xPW6+c7G2Gw
Score

7^/10

persistence spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer