d3c49be1019c0c688d025ee9d7da6ec6e182799f74eb391c79d264e17643d74a | Triage

Sharing

General

Target

d3c49be1019c0c688d025ee9d7da6ec6e182799f74eb391c79d264e17643d74a
Size

2.6MB
Sample

240427-k7wjwsfd68
MD5

b4134031029627864ba572db9b29aac8
SHA1

ae10ec794106fbf95c82596807f34b9ec4e33da0
SHA256

d3c49be1019c0c688d025ee9d7da6ec6e182799f74eb391c79d264e17643d74a
SHA512

f4e6f1107e936122756d740953351bbb25897a011fdfd7c67f5a9d291e2d9a615e04a57ab1af82ff05edca38de0ebeb6eb785b7eb21233d76443f707a3798192
SSDEEP

49152:yNEIkiiG3VRqVrSrzkUvocC+pg5GjSjhTSGIo8Y70tRNon3MtlI/p:yNEJkDgUvQOg5Gm2tR6Ekp

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  d3c49be1019c0c688d025ee9d7da6ec6e182799f74eb391c79d264e17643d74a
- Size
  
  2.6MB
- MD5
  
  b4134031029627864ba572db9b29aac8
- SHA1
  
  ae10ec794106fbf95c82596807f34b9ec4e33da0
- SHA256
  
  d3c49be1019c0c688d025ee9d7da6ec6e182799f74eb391c79d264e17643d74a
- SHA512
  
  f4e6f1107e936122756d740953351bbb25897a011fdfd7c67f5a9d291e2d9a615e04a57ab1af82ff05edca38de0ebeb6eb785b7eb21233d76443f707a3798192
- SSDEEP
  
  49152:yNEIkiiG3VRqVrSrzkUvocC+pg5GjSjhTSGIo8Y70tRNon3MtlI/p:yNEJkDgUvQOg5Gm2tR6Ekp
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2