9e68542a9eebdb982433cdca5e3bf79246d85c03e85ccb82ea2886290b493184

Sharing

Copy URL

Twitter E-mail

General

Target

app.exe
Size

56.1MB
Sample

240425-gpea4sgd7s
MD5

3a547a21117568d2675d99cf31e96a0a
SHA1

fd03b61eed7cccfcf8eb3c39828a30d5afa73d78
SHA256

9e68542a9eebdb982433cdca5e3bf79246d85c03e85ccb82ea2886290b493184
SHA512

427e81899f53469553b3255acacd65890d2341f85c5971039b2e3fd99db81d6d8d6a1f3e217290600d5bf327257db5bdce7161c0582c0476dd89dd21c051069c
SSDEEP

1572864:9yJDf/7uf2uoHnCwYBB3//QpxLkttwgB57:gJj/Kf2RQvApWtj7

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  app.exe
- Size
  
  56.1MB
- MD5
  
  3a547a21117568d2675d99cf31e96a0a
- SHA1
  
  fd03b61eed7cccfcf8eb3c39828a30d5afa73d78
- SHA256
  
  9e68542a9eebdb982433cdca5e3bf79246d85c03e85ccb82ea2886290b493184
- SHA512
  
  427e81899f53469553b3255acacd65890d2341f85c5971039b2e3fd99db81d6d8d6a1f3e217290600d5bf327257db5bdce7161c0582c0476dd89dd21c051069c
- SSDEEP
  
  1572864:9yJDf/7uf2uoHnCwYBB3//QpxLkttwgB57:gJj/Kf2RQvApWtj7
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10
behavioral5 behavioral6
- Target
  
  LICENSES.chromium.html
- Size
  
  5.2MB
- MD5
  
  df37c89638c65db9a4518b88e79350be
- SHA1
  
  6b9ba9fba54fb3aa1b938de218f549078924ac50
- SHA256
  
  dbd18fe7c6e72eeb81680fabef9b6c0262d1d2d1aa679b3b221d9d9ced509463
- SHA512
  
  93dd6df08fc0bfaf3e6a690943c090aefe66c5e9995392bebd510c5b6260533b1522dc529b8328dfe862192e1357e9e98d1cdd95117c08c76be3ab565c6eea67
- SSDEEP
  
  12288:/7etnqnVnMnBnunQ9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX0YnpWQZb:sPM95FCWStQj6ERs/mfMl6H0skDpS
Score

1^/10
behavioral7 behavioral8
- Target
  
  app.exe
- Size
  
  139.6MB
- MD5
  
  d4d78a1172851c26a6132cf65de31ae0
- SHA1
  
  89bbbcae5e98307ae4e14ae510af4bd17da582c4
- SHA256
  
  b9b6921e279b16b9035cc7beffee32ffcc10a4a99bbe6102d122a8b6d07c904c
- SHA512
  
  7436b6fc36f7e92e37a2ff555c4685054729c5ccfbb2b75a57696a6aec98339c13cee7009ed9c86016158c5d702a20611f09a514556b3e9c11b941902f848566
- SSDEEP
  
  786432:ESfg0tbLs2cRE3FsdxwBFyAaZZiljQWohhjbj6S46P845IPD:ESj5szmFcxwBFyAaZ4jMhhXcyC
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral10 behavioral9
- Target
  
  d3dcompiler_47.dll
- Size
  
  4.3MB
- MD5
  
  7641e39b7da4077084d2afe7c31032e0
- SHA1
  
  2256644f69435ff2fee76deb04d918083960d1eb
- SHA256
  
  44422e6936dc72b7ac5ed16bb8bcae164b7554513e52efb66a3e942cec328a47
- SHA512
  
  8010e1cb17fa18bbf72d8344e1d63ded7cef7be6e7c13434fa6d8e22ce1d58a4d426959bdcb031502d4b145e29cb111af929fcbc66001111fbc6d7a19e8800a5
- SSDEEP
  
  49152:aYlc/220PPiMLKam+VMrLi21f4i3jn5ZO3XUDmOZQwVd2uQpN3WsGVUWd55i/jrs:a6KD2Mrdaix4NQnLt
Score

1^/10
behavioral11
- Target
  
  ffmpeg.dll
- Size
  
  2.6MB
- MD5
  
  12cb29b61007fd6cd166882635241038
- SHA1
  
  31bacefd2d7238fb5ac77f728bb39a27b400dbb0
- SHA256
  
  2e60bc5a05d3e98d12d2bd577d63b6dc77bd1b3734633259fcaf50fa3688ca9c
- SHA512
  
  cbfab7708a01fe47904facfdf9604025d6f1c680e40ada0b4c1b1ef35a4eab7de5de96c22d0491c6d202175d2c66693216efab6cfab73e316d466811d834b126
- SSDEEP
  
  49152:uECJ65OaQWBt2agP7TsyRT63/aoFHSgaYrUgZtAc/9Z3xB0a4Tml0m+af:BIbRTeioFNUJc304
Score

1^/10
behavioral12 behavioral13
- Target
  
  libEGL.dll
- Size
  
  437KB
- MD5
  
  979b72ca6e98fc7fdcfcc50d77906fb5
- SHA1
  
  dc4b874f495ed73c90b39feb566a48a081371c4b
- SHA256
  
  73d1f5880980a2ccb8e5a15e285a4a11fccd80754829e85aa9a3b8ffecf39dd9
- SHA512
  
  bd4d25a591d1c52d9a4a850a5bccbbf5ec8d174f5f093c0fd611a18af8d337b918464220a4f9591d03582aadf1c9cb392596a5449fb7d0a928889b0f65f8c619
- SSDEEP
  
  6144:qdpiWYLBViWOSdAr1Knk2mI3LpxE0RYqowpW6VmHrtCf1FI:EpvYLbiWBqrQnPxE0cKmHZiP
Score

1^/10
behavioral14 behavioral15
- Target
  
  libGLESv2.dll
- Size
  
  6.7MB
- MD5
  
  5300049a47fd88310ef94f9e37eeb247
- SHA1
  
  89672d16382a75781eeca002c850c17cfc46e851
- SHA256
  
  33863ea4047e4eaae8f24bfa3491bb809d4c3d44489ae2bbe5e3af9e5cc1fe50
- SHA512
  
  b38ef83cb40923654ae1efcdb8af63e1fb47f640a0cbeac350b97f24da1365da23d757cacef1f9e994ace0b076b4bc1408644347aec3c94995bb27d184a93c09
- SSDEEP
  
  49152:sK2UPH7xqUcXJQ/jprR9tf3NPj3O92E+hvk3aOosZPYkZXup70MUgSgcS87ExQhV:UUcXJ8950X+KS5nUSoPYirbm
Score

1^/10
behavioral16 behavioral17
- Target
  
  resources/elevate.exe
- Size
  
  105KB
- MD5
  
  792b92c8ad13c46f27c7ced0810694df
- SHA1
  
  d8d449b92de20a57df722df46435ba4553ecc802
- SHA256
  
  9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37
- SHA512
  
  6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40
- SSDEEP
  
  3072:1bLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWl:1PrwRhte1XsE1l
Score

1^/10
behavioral18 behavioral19
- Target
  
  swiftshader/libEGL.dll
- Size
  
  450KB
- MD5
  
  2ffc36c5555a36a4f26c1aa7a8108b4a
- SHA1
  
  2ec38b17a0e9d5b0a4c397921aa4430607d32edc
- SHA256
  
  f8b8b96cc384171268cbd543d9486a97b2f2066d45ac118421ff974baf18d2e5
- SHA512
  
  0df87d336e223ade77eecaee88d8af2832f1cec3b5681699646e0be933b3f0acdb3765492e9d8fd713453dea2a7fd38d46c201c96313a06a484f23a78a716cfe
- SSDEEP
  
  6144:GFzcMPKWOp0q29LDwK3p3KHvDstVpphcSGbwSi6wH0hl:i2WOOqiLDrthhcSG0c
Score

1^/10
behavioral20 behavioral21
- Target
  
  swiftshader/libGLESv2.dll
- Size
  
  3.0MB
- MD5
  
  41d3387761bbb79d4820e8d242561027
- SHA1
  
  27dfda8ce933af12578fb64f3171f40f56bace55
- SHA256
  
  ed005ae1d388e0256e9ae304933980897ec2cfa957ed5babab6ae2a5dcf5c5f5
- SHA512
  
  cc396d0c2a94c31b8a42697f456f74e8ede1ad1fbc7eb1e4983544166041ff878048f60af9b1525320770ee477c63d6c466746c2c33fd30bc2d7ec903f8af944
- SSDEEP
  
  49152:N0mOy4fytPTlZQPF/IBCfG/owBx8iqQyehF3Hn0gPD2vzFW/GyCbZpjGKiqZ/nYU:NgfyjyeelZ/YNg/Yr
Score

1^/10
behavioral22 behavioral23
- Target
  
  vk_swiftshader.dll
- Size
  
  4.4MB
- MD5
  
  37bba2c66e2364a5b3e6666864f3b604
- SHA1
  
  f2ecffd48760482ba055aa50cd78c5ac02d09ba2
- SHA256
  
  23e6927733549be11d506b862cc7148b7b08b50b4387837db522ec9380babc46
- SHA512
  
  6e7835fce0e988c997049796125b4f2ef83cb9c2e326edeb54d4bad77fa31bf4b4227aeb1db445d3ee21e6cb959d65310a1bbda2d14e567d4123cf6544a947ea
- SSDEEP
  
  49152:vx2VjoakX4pb7QH1fUlTB7zmNmdpTE5NSomaZXYjLlHks2RPF/lOzl+LZ/n6du7F:A2DtJ+wixdag
Score

1^/10
behavioral24 behavioral25
- Target
  
  vulkan-1.dll
- Size
  
  819KB
- MD5
  
  ad4a5dcf631afd553b4fed8a269c7897
- SHA1
  
  f1bded0b28ee8aed4a52a6d19d871eba4828e0f2
- SHA256
  
  3141825bfa3a8cecf8b59767e8b6ac41c20685932d6000b9c6cd0e40ddca12db
- SHA512
  
  8e01379201f2a907cff7f32dfbac6b1eb8ee014312755884b35e4065477d8a8069e3188086d7cced11d437b461211bca6abb6e582e98473883cf35faad41eae2
- SSDEEP
  
  12288:4kyJJLfcn5To6PuXtLvEdGnZSss43uobpoD:fnhoR5Ed8S2uTD
Score

1^/10
behavioral26 behavioral27
- Target
  
  $PLUGINSDIR/nsis7z.dll
- Size
  
  424KB
- MD5
  
  80e44ce4895304c6a3a831310fbf8cd0
- SHA1
  
  36bd49ae21c460be5753a904b4501f1abca53508
- SHA256
  
  b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592
- SHA512
  
  c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df
- SSDEEP
  
  6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck
Score

3^/10
behavioral28 behavioral29

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Process Discovery

T1057

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29