1535fc1b3d1d14fb7d93bfb3dd4dae2c16e4486ad9b7682c2e1f991aaa52eb75 | Triage

Sharing

General

Target

1535fc1b3d1d14fb7d93bfb3dd4dae2c16e4486ad9b7682c2e1f991aaa52eb75
Size

2.6MB
Sample

240428-16atssah2x
MD5

5bc4df35701b3e16cd4f20c446884219
SHA1

e08b67b5d91574da9a845be6f8ba37a76fc2cfbf
SHA256

1535fc1b3d1d14fb7d93bfb3dd4dae2c16e4486ad9b7682c2e1f991aaa52eb75
SHA512

1e2d0617e7a9c5b5074baa54833f4fa156264f18e1fcb8a3f7ef9b445d317a964d726e061d6bcdafac68edffcde6d2029e49ad742e02b00f1aee3b482b111ecc
SSDEEP

49152:Bnb7DEHyeE6PajOzQ6P7dRzIKhoBOR0qiU5pXhEQTZ1lsc47vqZ46ltE3Co:tX8PaaQgRzIKWU3iue846ltFo

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  1535fc1b3d1d14fb7d93bfb3dd4dae2c16e4486ad9b7682c2e1f991aaa52eb75
- Size
  
  2.6MB
- MD5
  
  5bc4df35701b3e16cd4f20c446884219
- SHA1
  
  e08b67b5d91574da9a845be6f8ba37a76fc2cfbf
- SHA256
  
  1535fc1b3d1d14fb7d93bfb3dd4dae2c16e4486ad9b7682c2e1f991aaa52eb75
- SHA512
  
  1e2d0617e7a9c5b5074baa54833f4fa156264f18e1fcb8a3f7ef9b445d317a964d726e061d6bcdafac68edffcde6d2029e49ad742e02b00f1aee3b482b111ecc
- SSDEEP
  
  49152:Bnb7DEHyeE6PajOzQ6P7dRzIKhoBOR0qiU5pXhEQTZ1lsc47vqZ46ltE3Co:tX8PaaQgRzIKWU3iue846ltFo
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2