5b8f4cb6058e9c245b6d0709ebf48e0eaf9289076183cf619fd628678ec4fbbf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b8f4cb6058e9c245b6d0709ebf48e0eaf9289076183cf619fd628678ec4fbbf
Size

71KB
Sample

240424-119e6sae21
MD5

3ed7fbee4ec55edf51a426a7765fe92e
SHA1

55f85989cc302613195bfcf4741addf4684f182e
SHA256

5b8f4cb6058e9c245b6d0709ebf48e0eaf9289076183cf619fd628678ec4fbbf
SHA512

9852e7602e32f1e60e4fb5bb3269c9dbdb45d82d7d8a0a8b002385a42f2f83581a52c36ff5175d8b55dacd9a4e25813784b991031a37e85494a9b7a55d0c3031
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTe:ZRpAyazIliazTe

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  5b8f4cb6058e9c245b6d0709ebf48e0eaf9289076183cf619fd628678ec4fbbf
- Size
  
  71KB
- MD5
  
  3ed7fbee4ec55edf51a426a7765fe92e
- SHA1
  
  55f85989cc302613195bfcf4741addf4684f182e
- SHA256
  
  5b8f4cb6058e9c245b6d0709ebf48e0eaf9289076183cf619fd628678ec4fbbf
- SHA512
  
  9852e7602e32f1e60e4fb5bb3269c9dbdb45d82d7d8a0a8b002385a42f2f83581a52c36ff5175d8b55dacd9a4e25813784b991031a37e85494a9b7a55d0c3031
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTe:ZRpAyazIliazTe
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer