9db5984e6d27475115d0278dc9cc9198b83b427f422b48bcee86b727af346b8c | Triage

Sharing

General

Target

9db5984e6d27475115d0278dc9cc9198b83b427f422b48bcee86b727af346b8c
Size

1.3MB
Sample

240427-g2kzesch29
MD5

eeac0f7b67990c710f8215f93b7527e6
SHA1

35b647f39f45a78ff8f4c4b097ad590b0093daff
SHA256

9db5984e6d27475115d0278dc9cc9198b83b427f422b48bcee86b727af346b8c
SHA512

4a1c617ac1babcc0a226c595f9873da98566c93919ad30c703507938d3b72875b38e002561ed643c5882c8947c373003182e13fea2b98d816e0ef90828fcc4ce
SSDEEP

12288:D0iB+tIMTmkJR4Do07Y86gw5CtCjX+NLuFhNpBeZT3X:D0iBeSkQ/7Gb8NLEbeZ

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  9db5984e6d27475115d0278dc9cc9198b83b427f422b48bcee86b727af346b8c
- Size
  
  1.3MB
- MD5
  
  eeac0f7b67990c710f8215f93b7527e6
- SHA1
  
  35b647f39f45a78ff8f4c4b097ad590b0093daff
- SHA256
  
  9db5984e6d27475115d0278dc9cc9198b83b427f422b48bcee86b727af346b8c
- SHA512
  
  4a1c617ac1babcc0a226c595f9873da98566c93919ad30c703507938d3b72875b38e002561ed643c5882c8947c373003182e13fea2b98d816e0ef90828fcc4ce
- SSDEEP
  
  12288:D0iB+tIMTmkJR4Do07Y86gw5CtCjX+NLuFhNpBeZT3X:D0iBeSkQ/7Gb8NLEbeZ
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2