e754d98314486475bcb77110ad6b8b63f1ebccd68fa0319f65d0a2cd4d7c8ce2 | Triage

Sharing

General

Target

e754d98314486475bcb77110ad6b8b63f1ebccd68fa0319f65d0a2cd4d7c8ce2
Size

66KB
Sample

240428-y1b4kagd7s
MD5

006ad69be27d59f1a0fd5b886f6ae00d
SHA1

7f09c46bc6accbf3e6c556ebc59cd312d5448b6e
SHA256

e754d98314486475bcb77110ad6b8b63f1ebccd68fa0319f65d0a2cd4d7c8ce2
SHA512

42eca31e40e76d7b4a867a1f29a4ff0e4ba81672d06ba8c516cd23fc14d50362a167f1898db696921ae468d3c2f6ee1cff880b92ae3d138872f8cab7f8988d51
SSDEEP

768:/qLPcTO5RroZJ76739sBWsNscWlM3dN9N3ZjfPPNC4OMMwP3Sy6EGyI4t6a9AkHu:/qbSe+Zk78NR3dN5nPNC4ayFGyHNXk

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  e754d98314486475bcb77110ad6b8b63f1ebccd68fa0319f65d0a2cd4d7c8ce2
- Size
  
  66KB
- MD5
  
  006ad69be27d59f1a0fd5b886f6ae00d
- SHA1
  
  7f09c46bc6accbf3e6c556ebc59cd312d5448b6e
- SHA256
  
  e754d98314486475bcb77110ad6b8b63f1ebccd68fa0319f65d0a2cd4d7c8ce2
- SHA512
  
  42eca31e40e76d7b4a867a1f29a4ff0e4ba81672d06ba8c516cd23fc14d50362a167f1898db696921ae468d3c2f6ee1cff880b92ae3d138872f8cab7f8988d51
- SSDEEP
  
  768:/qLPcTO5RroZJ76739sBWsNscWlM3dN9N3ZjfPPNC4OMMwP3Sy6EGyI4t6a9AkHu:/qbSe+Zk78NR3dN5nPNC4ayFGyHNXk
Score

7^/10

spyware stealer
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2