edb284bdb2647fa254822c7a7408b429ae1762cce1d2925f0febd8d28076e74a | Triage

Sharing

General

Target

edb284bdb2647fa254822c7a7408b429ae1762cce1d2925f0febd8d28076e74a
Size

2.6MB
Sample

240428-anpbcscb2v
MD5

487fb23c9f1930c11470b78331cf0797
SHA1

5ef0b912345082c51003ded0285261f312d55dad
SHA256

edb284bdb2647fa254822c7a7408b429ae1762cce1d2925f0febd8d28076e74a
SHA512

fd416c8cfafce20df31a84d97024bb776ed9e335304316f6d027a6db342568c33ea1026ff10a245013a49e7c403ae344daa7d3909780b5ae29c9f435f16addb0
SSDEEP

49152:wPcYFyCVGPra1hhnNoBisA3scPxFjSjhTSGIo8Y70QlA9EojgA7vgLAw0cO:wPvLHXNoBis1uxFm2Ql/UgAOAw3

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  edb284bdb2647fa254822c7a7408b429ae1762cce1d2925f0febd8d28076e74a
- Size
  
  2.6MB
- MD5
  
  487fb23c9f1930c11470b78331cf0797
- SHA1
  
  5ef0b912345082c51003ded0285261f312d55dad
- SHA256
  
  edb284bdb2647fa254822c7a7408b429ae1762cce1d2925f0febd8d28076e74a
- SHA512
  
  fd416c8cfafce20df31a84d97024bb776ed9e335304316f6d027a6db342568c33ea1026ff10a245013a49e7c403ae344daa7d3909780b5ae29c9f435f16addb0
- SSDEEP
  
  49152:wPcYFyCVGPra1hhnNoBisA3scPxFjSjhTSGIo8Y70QlA9EojgA7vgLAw0cO:wPvLHXNoBis1uxFm2Ql/UgAOAw3
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2