b7ee1d1b4e4a7744fc901490da4d191b79f7f94566bcdb78e820b2f455211fb0 | Triage

Sharing

General

Target

b7ee1d1b4e4a7744fc901490da4d191b79f7f94566bcdb78e820b2f455211fb0
Size

2.6MB
Sample

240428-cq1taaed7w
MD5

f4a0ec5bfd04f3df9d85515a39e81dc9
SHA1

0c8690262af28a62778eeb33abd7a5da90bf3b9b
SHA256

b7ee1d1b4e4a7744fc901490da4d191b79f7f94566bcdb78e820b2f455211fb0
SHA512

b3ca3fb541510303f0b95d16e0e85887eb46da3e4c520aa2883df62edb0b0500d09464f46a86d0c6bb6d4d6580e25b3d614afee0de27df4d01c1def429a13cba
SSDEEP

49152:tGZDUzWUCGmFx5lkNnZVGVNBSbdIgtxJYqEpXhEQTZ1lsc07PRa2fou1S5/9kz:wVLdx5lkZMbSbdz7YN2Ra62/+

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  b7ee1d1b4e4a7744fc901490da4d191b79f7f94566bcdb78e820b2f455211fb0
- Size
  
  2.6MB
- MD5
  
  f4a0ec5bfd04f3df9d85515a39e81dc9
- SHA1
  
  0c8690262af28a62778eeb33abd7a5da90bf3b9b
- SHA256
  
  b7ee1d1b4e4a7744fc901490da4d191b79f7f94566bcdb78e820b2f455211fb0
- SHA512
  
  b3ca3fb541510303f0b95d16e0e85887eb46da3e4c520aa2883df62edb0b0500d09464f46a86d0c6bb6d4d6580e25b3d614afee0de27df4d01c1def429a13cba
- SSDEEP
  
  49152:tGZDUzWUCGmFx5lkNnZVGVNBSbdIgtxJYqEpXhEQTZ1lsc07PRa2fou1S5/9kz:wVLdx5lkZMbSbdz7YN2Ra62/+
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2