c0a1bd773fea3e5066dd3dcf610c7ea9560896773355d37261630a12a6c40f0e | Triage

Sharing

General

Target

c0a1bd773fea3e5066dd3dcf610c7ea9560896773355d37261630a12a6c40f0e
Size

2.6MB
Sample

240427-h8j65sdg72
MD5

251e741a85984a23f7c483a5c181443c
SHA1

a7310e5d6b4b8a4adb6ab927cd3a2f60403c5e3e
SHA256

c0a1bd773fea3e5066dd3dcf610c7ea9560896773355d37261630a12a6c40f0e
SHA512

23807e8367822c4f1814f65935e72f9320ca29ee75a7e8124c87f00636d43f1898de416f2cf6df6d2c2c8a8226359172d54530b657e9c4214637d6f87da9bcc7
SSDEEP

49152:nPh1zhpv6LWxBiEY32+tbxP5Z1ENjSjhTSGIo8Y70tEyAx+HS62sXxyQg:nPhsqv+dfvENm2tEyVr7Xb

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  c0a1bd773fea3e5066dd3dcf610c7ea9560896773355d37261630a12a6c40f0e
- Size
  
  2.6MB
- MD5
  
  251e741a85984a23f7c483a5c181443c
- SHA1
  
  a7310e5d6b4b8a4adb6ab927cd3a2f60403c5e3e
- SHA256
  
  c0a1bd773fea3e5066dd3dcf610c7ea9560896773355d37261630a12a6c40f0e
- SHA512
  
  23807e8367822c4f1814f65935e72f9320ca29ee75a7e8124c87f00636d43f1898de416f2cf6df6d2c2c8a8226359172d54530b657e9c4214637d6f87da9bcc7
- SSDEEP
  
  49152:nPh1zhpv6LWxBiEY32+tbxP5Z1ENjSjhTSGIo8Y70tEyAx+HS62sXxyQg:nPhsqv+dfvENm2tEyVr7Xb
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2