18ce929380ab15f9e9d23d156ff3cff56b94e33641a40379f57e7adc91130c3f

Resubmissions

09/04/2024, 22:11

240409-131wtaea38 8

09/04/2024, 21:43

09/04/2024, 21:18

06/04/2024, 10:55

06/04/2024, 10:41

Sharing

Copy URL

Twitter E-mail

General

Target

GalaxiaViva.exe
Size

69.8MB
Sample

240409-131wtaea38
MD5

62bda6829e7b08bd8f3c5b4057fa238f
SHA1

b3cadccbe3199cf72c8dd110b463137eed013e09
SHA256

18ce929380ab15f9e9d23d156ff3cff56b94e33641a40379f57e7adc91130c3f
SHA512

1966c014c929f8feff29f00aff837769b232890ad572b46d8056ea7b18de9b970ea8cdce0014fc2d040fc62476c1ffce222ad6b9209dfaec0bf535546de25147
SSDEEP

1572864:f85PaKHmqV6kLdNjObU5LwsagSbZFgagYjhSuyDV09arU7:uPaq1VddNaAwsa3bjhHyh09aA7

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  GalaxiaViva.exe
- Size
  
  69.8MB
- MD5
  
  62bda6829e7b08bd8f3c5b4057fa238f
- SHA1
  
  b3cadccbe3199cf72c8dd110b463137eed013e09
- SHA256
  
  18ce929380ab15f9e9d23d156ff3cff56b94e33641a40379f57e7adc91130c3f
- SHA512
  
  1966c014c929f8feff29f00aff837769b232890ad572b46d8056ea7b18de9b970ea8cdce0014fc2d040fc62476c1ffce222ad6b9209dfaec0bf535546de25147
- SSDEEP
  
  1572864:f85PaKHmqV6kLdNjObU5LwsagSbZFgagYjhSuyDV09arU7:uPaq1VddNaAwsa3bjhHyh09aA7
Score

8^/10

spyware stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1
- Target
  
  Installer.exe
- Size
  
  147.0MB
- MD5
  
  2fcb65fc8b2bc9505da8dd94033cc7ad
- SHA1
  
  ff12916a1d57eb26d9e5856d91c450b155a35f65
- SHA256
  
  708543f3ca34ffe8e4d33c09560d4e190fe35bd2aa7a57369291174d537ffc32
- SHA512
  
  4927ede0dead3f947513add783a150245185ae1872b0f59d8159448423b33e636956e69b8278c37f62dd9a6a4ca59247f83beea4d59d1a6832ce5ce4533ed585
- SSDEEP
  
  1572864:EgGRqQdeZ4K5M0PmL0g6dKXPRYGO1QwOVnMKVbmd6LpL28nHQ5OneFBlwb:OV6msmCUhN4lS
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Process Discovery

T1057

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

Legitimate hosting services abused for malware hosting/C2

Loads dropped DLL

Reads user/profile data of web browsers

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2