eabd8af5d969200ea95500af2f8be323a4317ef32ffcaa505076f00cd7052c86 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

eabd8af5d9...86.exe

windows7-x64

7

eabd8af5d9...86.exe

windows10-2004-x64

7

Sharing

General

Target

eabd8af5d969200ea95500af2f8be323a4317ef32ffcaa505076f00cd7052c86
Size

1.8MB
Sample

240428-x2k77aeh99
MD5

4818e9a8af14db61566850e4ad4104ff
SHA1

c946d43b4acb3a1eeb2c89e1e55a984a5b40ad45
SHA256

eabd8af5d969200ea95500af2f8be323a4317ef32ffcaa505076f00cd7052c86
SHA512

c72cd7208e9e74903b755f42e0a6523bb00b205fec7e7c52dc783cc5db3a342ee3a2360ccb7ef3375cce6932c8dededd42488c3f364509beb079427078dd1caa
SSDEEP

49152:Ax5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAEssv/CpmpMgjtrrhDyQ:AvbjVkjjCAzJ9CpmpMQ5rFyQ

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

eabd8af5d969200ea95500af2f8be323a4317ef32ffcaa505076f00cd7052c86.exe

Resource

win7-20240220-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

eabd8af5d969200ea95500af2f8be323a4317ef32ffcaa505076f00cd7052c86.exe

Resource

win10v2004-20240426-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  eabd8af5d969200ea95500af2f8be323a4317ef32ffcaa505076f00cd7052c86
- Size
  
  1.8MB
- MD5
  
  4818e9a8af14db61566850e4ad4104ff
- SHA1
  
  c946d43b4acb3a1eeb2c89e1e55a984a5b40ad45
- SHA256
  
  eabd8af5d969200ea95500af2f8be323a4317ef32ffcaa505076f00cd7052c86
- SHA512
  
  c72cd7208e9e74903b755f42e0a6523bb00b205fec7e7c52dc783cc5db3a342ee3a2360ccb7ef3375cce6932c8dededd42488c3f364509beb079427078dd1caa
- SSDEEP
  
  49152:Ax5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAEssv/CpmpMgjtrrhDyQ:AvbjVkjjCAzJ9CpmpMQ5rFyQ
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy