841e804ee8334fb03ca41cf760237b8471e0184448ad36a1beeb06b1031f1e56 | Triage

Sharing

General

Target

841e804ee8334fb03ca41cf760237b8471e0184448ad36a1beeb06b1031f1e56
Size

3.2MB
Sample

240419-3nbdqaae48
MD5

fb756bf9161ca129a7952fe4e073d624
SHA1

d29e5b57c86a3208122819e5ec4b141d8de54f2d
SHA256

841e804ee8334fb03ca41cf760237b8471e0184448ad36a1beeb06b1031f1e56
SHA512

f9a7654a2a1fbb015a5e072ec945545fa8151a0818e685c21aa229f3b0be431a835f1c671dccc36b18a0d0cd699aff8e4a1cff7331c3d69285d1d259f51771cf
SSDEEP

98304:hePSLgdqU18mXaCXAs7cDc2PR96Ym/aL:hePVYYaCwsJ2PR961/A

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  841e804ee8334fb03ca41cf760237b8471e0184448ad36a1beeb06b1031f1e56
- Size
  
  3.2MB
- MD5
  
  fb756bf9161ca129a7952fe4e073d624
- SHA1
  
  d29e5b57c86a3208122819e5ec4b141d8de54f2d
- SHA256
  
  841e804ee8334fb03ca41cf760237b8471e0184448ad36a1beeb06b1031f1e56
- SHA512
  
  f9a7654a2a1fbb015a5e072ec945545fa8151a0818e685c21aa229f3b0be431a835f1c671dccc36b18a0d0cd699aff8e4a1cff7331c3d69285d1d259f51771cf
- SSDEEP
  
  98304:hePSLgdqU18mXaCXAs7cDc2PR96Ym/aL:hePVYYaCwsJ2PR961/A
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2