08e4b98aa0b6db9e46a23b8eca0706d99ec4f015ad6f6a3175479be3998bf402 | Triage

Sharing

General

Target

08e4b98aa0b6db9e46a23b8eca0706d99ec4f015ad6f6a3175479be3998bf402
Size

2.6MB
Sample

240428-ewpdjsgc2z
MD5

2dcd6bd512856ea3f65a7d6d902729a4
SHA1

def270d0b65e74a5210d2d6692f3ac0ded4912bf
SHA256

08e4b98aa0b6db9e46a23b8eca0706d99ec4f015ad6f6a3175479be3998bf402
SHA512

104c891062ac2d9e2a541a6a38e7d0641e77b9492934512d86d233a4e8d6b5a0f037a7b121d6b2922c28d746c4adc052659eb51c23fc6dca49cc193f4c5fdcf9
SSDEEP

49152:za9Rhk9RAfzlIfuWH6IkXSbtAQH9QN5Ns5pXhEQTZ1lsc47vRsb/GS6gBS8vXRoM:+XCUIfdV9btAiQ7NmeRSuGBS+wE

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  08e4b98aa0b6db9e46a23b8eca0706d99ec4f015ad6f6a3175479be3998bf402
- Size
  
  2.6MB
- MD5
  
  2dcd6bd512856ea3f65a7d6d902729a4
- SHA1
  
  def270d0b65e74a5210d2d6692f3ac0ded4912bf
- SHA256
  
  08e4b98aa0b6db9e46a23b8eca0706d99ec4f015ad6f6a3175479be3998bf402
- SHA512
  
  104c891062ac2d9e2a541a6a38e7d0641e77b9492934512d86d233a4e8d6b5a0f037a7b121d6b2922c28d746c4adc052659eb51c23fc6dca49cc193f4c5fdcf9
- SSDEEP
  
  49152:za9Rhk9RAfzlIfuWH6IkXSbtAQH9QN5Ns5pXhEQTZ1lsc47vRsb/GS6gBS8vXRoM:+XCUIfdV9btAiQ7NmeRSuGBS+wE
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2