9e20484fa8f3da77ac5b64ad1b795342e2b1e4fe9f089869ffb88c0ec22a7f46 | Triage

Sharing

General

Target

9e20484fa8f3da77ac5b64ad1b795342e2b1e4fe9f089869ffb88c0ec22a7f46
Size

322KB
Sample

240428-xx3lnsfb6s
MD5

abada973ce851f95ecc47c078e6fd031
SHA1

92cf362e18c2d3690cd5724fcd0a6bd437983bad
SHA256

9e20484fa8f3da77ac5b64ad1b795342e2b1e4fe9f089869ffb88c0ec22a7f46
SHA512

a587138cc1976933de92af4f505c00fdc05e3991fbf4f466a4c97c02caaa1ab36440fd513f4a513437db99cbd34107b6ec21c6814d245ae0bf11938e91252c6c
SSDEEP

1536:/qbSe+Zk78NR3dN5nPF9aJfXgY1zUTyr5hVM:/3e+a+3dN59+XgTTSje

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  9e20484fa8f3da77ac5b64ad1b795342e2b1e4fe9f089869ffb88c0ec22a7f46
- Size
  
  322KB
- MD5
  
  abada973ce851f95ecc47c078e6fd031
- SHA1
  
  92cf362e18c2d3690cd5724fcd0a6bd437983bad
- SHA256
  
  9e20484fa8f3da77ac5b64ad1b795342e2b1e4fe9f089869ffb88c0ec22a7f46
- SHA512
  
  a587138cc1976933de92af4f505c00fdc05e3991fbf4f466a4c97c02caaa1ab36440fd513f4a513437db99cbd34107b6ec21c6814d245ae0bf11938e91252c6c
- SSDEEP
  
  1536:/qbSe+Zk78NR3dN5nPF9aJfXgY1zUTyr5hVM:/3e+a+3dN59+XgTTSje
Score

7^/10

spyware stealer
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2