31e09318b1b9aecd7fb77dff5e9209b56f33f0f47e35f653d97b322119ddebcb | Triage

Sharing

General

Target

31e09318b1b9aecd7fb77dff5e9209b56f33f0f47e35f653d97b322119ddebcb
Size

69KB
Sample

240427-k7p24sgb2w
MD5

6bb0bf1000bedd9805dc7318a6e64b47
SHA1

b520d7dad4f82a85185c4a9e7b3b8ebb35cb9240
SHA256

31e09318b1b9aecd7fb77dff5e9209b56f33f0f47e35f653d97b322119ddebcb
SHA512

fe110c339c3e75df4d1f12a047e200808b1cf0c112e8f273500e1343da43d5ad3446a4596a3747bf8723f256469fccf6fad0889d6d2e977cdabf58ffd352f25c
SSDEEP

1536:jLce+Zk78Tg1I6GkJxriw+d9bHrkT5gUHz7FxtJ:jLce+aaoMIrBkfkT5xHzD

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  31e09318b1b9aecd7fb77dff5e9209b56f33f0f47e35f653d97b322119ddebcb
- Size
  
  69KB
- MD5
  
  6bb0bf1000bedd9805dc7318a6e64b47
- SHA1
  
  b520d7dad4f82a85185c4a9e7b3b8ebb35cb9240
- SHA256
  
  31e09318b1b9aecd7fb77dff5e9209b56f33f0f47e35f653d97b322119ddebcb
- SHA512
  
  fe110c339c3e75df4d1f12a047e200808b1cf0c112e8f273500e1343da43d5ad3446a4596a3747bf8723f256469fccf6fad0889d6d2e977cdabf58ffd352f25c
- SSDEEP
  
  1536:jLce+Zk78Tg1I6GkJxriw+d9bHrkT5gUHz7FxtJ:jLce+aaoMIrBkfkT5xHzD
Score

7^/10

spyware stealer
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2