57ce7c1ae7481d8e9e55b87fefd55125dfc2218d08f6076bb987fd50572e9a32 | Triage

Sharing

General

Target

57ce7c1ae7481d8e9e55b87fefd55125dfc2218d08f6076bb987fd50572e9a32
Size

717KB
Sample

240427-k7qnmsgb2z
MD5

ef8f03c5889898be3b313c3c0c92536f
SHA1

3a06ae848105787640256521c1c52e745d819ada
SHA256

57ce7c1ae7481d8e9e55b87fefd55125dfc2218d08f6076bb987fd50572e9a32
SHA512

ca093fc94c3a1ec3099d9c2abe1b6760c2b087fa202176486c92680377b5a040eb684f271d97b8ffa18b6babf8b44ec58f070ea401080be9578fa7eb89b64ea8
SSDEEP

12288:h+aGfC6Aj+TN5uixZN+8rKhUdTC/wE1ZD0Ca5ZIXV:hBaLOS2opPIXV

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  57ce7c1ae7481d8e9e55b87fefd55125dfc2218d08f6076bb987fd50572e9a32
- Size
  
  717KB
- MD5
  
  ef8f03c5889898be3b313c3c0c92536f
- SHA1
  
  3a06ae848105787640256521c1c52e745d819ada
- SHA256
  
  57ce7c1ae7481d8e9e55b87fefd55125dfc2218d08f6076bb987fd50572e9a32
- SHA512
  
  ca093fc94c3a1ec3099d9c2abe1b6760c2b087fa202176486c92680377b5a040eb684f271d97b8ffa18b6babf8b44ec58f070ea401080be9578fa7eb89b64ea8
- SSDEEP
  
  12288:h+aGfC6Aj+TN5uixZN+8rKhUdTC/wE1ZD0Ca5ZIXV:hBaLOS2opPIXV
Score

7^/10

spyware stealer
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2