1e07670fc2daca61eee2714b4c1845f7ebf6d84c0b53ecc0eaed5536a821ab94 | Triage

Sharing

General

Target

1e07670fc2daca61eee2714b4c1845f7ebf6d84c0b53ecc0eaed5536a821ab94
Size

339KB
Sample

240408-xxw4wshd22
MD5

61b42fa5ea4915cc1729e24498d599ef
SHA1

4dd7b8567707ae96c357037ffdcea65e5611e512
SHA256

1e07670fc2daca61eee2714b4c1845f7ebf6d84c0b53ecc0eaed5536a821ab94
SHA512

d968919b1ea341dc60e9a8ff07f9ee86c398cb1a96d4e012cadbf13bcd2226e2371985fec0faf258921eb566b28bdb1b3a3054c7f02ce41a81e0ef9bbe476fe6
SSDEEP

6144:gF/zJKPQrlsv5D8NVnrFy2wZroyyTf9vthRFIdpcqhw2T9XRPM:gF/z3rmmNVrA2qo/TFtKd/5T9XRPM

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  1e07670fc2daca61eee2714b4c1845f7ebf6d84c0b53ecc0eaed5536a821ab94
- Size
  
  339KB
- MD5
  
  61b42fa5ea4915cc1729e24498d599ef
- SHA1
  
  4dd7b8567707ae96c357037ffdcea65e5611e512
- SHA256
  
  1e07670fc2daca61eee2714b4c1845f7ebf6d84c0b53ecc0eaed5536a821ab94
- SHA512
  
  d968919b1ea341dc60e9a8ff07f9ee86c398cb1a96d4e012cadbf13bcd2226e2371985fec0faf258921eb566b28bdb1b3a3054c7f02ce41a81e0ef9bbe476fe6
- SSDEEP
  
  6144:gF/zJKPQrlsv5D8NVnrFy2wZroyyTf9vthRFIdpcqhw2T9XRPM:gF/z3rmmNVrA2qo/TFtKd/5T9XRPM
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2