152ba1edd019998f8d6364e60c35cf07552a74078da7d6344ef3b7161c31657a | Triage

Sharing

General

Target

152ba1edd019998f8d6364e60c35cf07552a74078da7d6344ef3b7161c31657a
Size

2.7MB
Sample

240428-dt2enaeh82
MD5

a1120af8f821ac84cdddd0bcbc6b9275
SHA1

6819e52e49828b087f4c89a96af78e333c576635
SHA256

152ba1edd019998f8d6364e60c35cf07552a74078da7d6344ef3b7161c31657a
SHA512

b6e6e66421bb4d8dc48c6f829094be35ea97baab3574eccfaeb1e70e92cff917e5f0d2e2767acfcd13d382fff882cc4bc7e40aa6fc80b0c7d25876fd79290b45
SSDEEP

49152:mzX//DuEaTYmQn9zSDDrTgI5kWuFvjSjhTSGIo8Y70tsEIPkoB5mMaCPS6HV:mzXaTqSrTgHxFvm2t5y1aWS61

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  152ba1edd019998f8d6364e60c35cf07552a74078da7d6344ef3b7161c31657a
- Size
  
  2.7MB
- MD5
  
  a1120af8f821ac84cdddd0bcbc6b9275
- SHA1
  
  6819e52e49828b087f4c89a96af78e333c576635
- SHA256
  
  152ba1edd019998f8d6364e60c35cf07552a74078da7d6344ef3b7161c31657a
- SHA512
  
  b6e6e66421bb4d8dc48c6f829094be35ea97baab3574eccfaeb1e70e92cff917e5f0d2e2767acfcd13d382fff882cc4bc7e40aa6fc80b0c7d25876fd79290b45
- SSDEEP
  
  49152:mzX//DuEaTYmQn9zSDDrTgI5kWuFvjSjhTSGIo8Y70tsEIPkoB5mMaCPS6HV:mzXaTqSrTgHxFvm2t5y1aWS61
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2