d64886fa6c496b46f5faa38c407193bcfe85f734fa778cc08409cebd542bde3d | Triage

Sharing

General

Target

d64886fa6c496b46f5faa38c407193bcfe85f734fa778cc08409cebd542bde3d
Size

84KB
Sample

240420-dy5ymsfb39
MD5

1aa5d12031db932b9763fb0e4be44922
SHA1

0ce1130afdbceb1c46ec414e5fc343c326e25a08
SHA256

d64886fa6c496b46f5faa38c407193bcfe85f734fa778cc08409cebd542bde3d
SHA512

6985c7cfeb2e7c4247ceccaf54b7ae713fd763f43ba5d028118e859857fa23646b0acdc6d1d6c6e489bb539d9574c221b0fe86da7520725ec0fdc0474455e36a
SSDEEP

768:JNK2cNW0QbRsWjcd+6yBFLqJ4Z8qx70RM8/O/B2Z9tRQ1LVXq+:pcNjQlsWjcd+xzl7SMQQ3Xq+

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  d64886fa6c496b46f5faa38c407193bcfe85f734fa778cc08409cebd542bde3d
- Size
  
  84KB
- MD5
  
  1aa5d12031db932b9763fb0e4be44922
- SHA1
  
  0ce1130afdbceb1c46ec414e5fc343c326e25a08
- SHA256
  
  d64886fa6c496b46f5faa38c407193bcfe85f734fa778cc08409cebd542bde3d
- SHA512
  
  6985c7cfeb2e7c4247ceccaf54b7ae713fd763f43ba5d028118e859857fa23646b0acdc6d1d6c6e489bb539d9574c221b0fe86da7520725ec0fdc0474455e36a
- SSDEEP
  
  768:JNK2cNW0QbRsWjcd+6yBFLqJ4Z8qx70RM8/O/B2Z9tRQ1LVXq+:pcNjQlsWjcd+xzl7SMQQ3Xq+
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer