ab3eead3adf05d30705ac1b104e1b16207cec33ca87c37e9eabc4b454f1063af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab3eead3adf05d30705ac1b104e1b16207cec33ca87c37e9eabc4b454f1063af
Size

258KB
Sample

240425-ngtt6aab6t
MD5

607348aab4e70fc28cf10668b0a736ac
SHA1

cf1960317bd7ca0851fab8b297338ff16e4bbf32
SHA256

ab3eead3adf05d30705ac1b104e1b16207cec33ca87c37e9eabc4b454f1063af
SHA512

33c6b5f0b9a379cfeac73443aa68d57a929a87108dab65d4399e935db4b812b8030549c9aad544b72688ca66e6e05fce2aec222575eba40981d1e590e608035e
SSDEEP

6144:t+aX3xFEgiC4bXqsTk90qC1AOb7eswf1Px++fD8PJ:t+axpitXqsTkiR7twRx+gD8PJ

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  ab3eead3adf05d30705ac1b104e1b16207cec33ca87c37e9eabc4b454f1063af
- Size
  
  258KB
- MD5
  
  607348aab4e70fc28cf10668b0a736ac
- SHA1
  
  cf1960317bd7ca0851fab8b297338ff16e4bbf32
- SHA256
  
  ab3eead3adf05d30705ac1b104e1b16207cec33ca87c37e9eabc4b454f1063af
- SHA512
  
  33c6b5f0b9a379cfeac73443aa68d57a929a87108dab65d4399e935db4b812b8030549c9aad544b72688ca66e6e05fce2aec222575eba40981d1e590e608035e
- SSDEEP
  
  6144:t+aX3xFEgiC4bXqsTk90qC1AOb7eswf1Px++fD8PJ:t+axpitXqsTkiR7twRx+gD8PJ
Score

7^/10

spyware stealer
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2