eff129dc01f2292d4306c80c976e6bda34e08763497758b92d34b6cc1db0b667 | Triage

Resubmissions

06/04/2024, 08:05

240406-jyw9dsea5v 7

06/04/2024, 08:03

240406-jxz9naeg34 7

Sharing

Copy URL Twitter E-mail

General

Target

sketchy.exe
Size

38.5MB
Sample

240406-jyw9dsea5v
MD5

c9e887a8ed0014744d5f59ef07327175
SHA1

2512323899ff57441937090182f896b9427a3506
SHA256

eff129dc01f2292d4306c80c976e6bda34e08763497758b92d34b6cc1db0b667
SHA512

7ab0da9310145bfe56d9f53b022176ff41d945d3766618ec5c2a2aa9f303d954ba0cd65c0bcdb42faea918e42a97b962f8116075f47592098f9a8b032ee9d822
SSDEEP

393216:wQgHDlanaGBXvDKtz+bhPWES4tiNQPNrIKc4gaPbUAgrO4mgh96l+ZArYsFRljSa:w3on1HvSzxAMNhFZArYs+dgCmxx5cs

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  sketchy.exe
- Size
  
  38.5MB
- MD5
  
  c9e887a8ed0014744d5f59ef07327175
- SHA1
  
  2512323899ff57441937090182f896b9427a3506
- SHA256
  
  eff129dc01f2292d4306c80c976e6bda34e08763497758b92d34b6cc1db0b667
- SHA512
  
  7ab0da9310145bfe56d9f53b022176ff41d945d3766618ec5c2a2aa9f303d954ba0cd65c0bcdb42faea918e42a97b962f8116075f47592098f9a8b032ee9d822
- SSDEEP
  
  393216:wQgHDlanaGBXvDKtz+bhPWES4tiNQPNrIKc4gaPbUAgrO4mgh96l+ZArYsFRljSa:w3on1HvSzxAMNhFZArYs+dgCmxx5cs
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1