a2bec890757af40dad832e848af2a1eeeff5af989975ed7aba512bebb7e403c4 | Triage

Sharing

General

Target

a2bec890757af40dad832e848af2a1eeeff5af989975ed7aba512bebb7e403c4
Size

2.6MB
Sample

240428-z3wfnahg2z
MD5

8abe47f82fac254f9c22bc1805c687e6
SHA1

dd1abacae7463d4ace8e662ac045c4c4a48fd96c
SHA256

a2bec890757af40dad832e848af2a1eeeff5af989975ed7aba512bebb7e403c4
SHA512

ab7f1f9093bfb562d9753554bc6de1145f12ad2bcf14c433254b82a758c388044514592772b855b3b53733b4e1b2a1b7c284814313eacfc543744df08c11d11c
SSDEEP

49152:Bk1IYtn/nOeTJKjUPIQ6IkW8kLf/8515pXhEQTZ1lsc47v9VmR9fhmkPFAuL4VBD:BkKY5TJKIsIkWF05Ve9VmRPynxi

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  a2bec890757af40dad832e848af2a1eeeff5af989975ed7aba512bebb7e403c4
- Size
  
  2.6MB
- MD5
  
  8abe47f82fac254f9c22bc1805c687e6
- SHA1
  
  dd1abacae7463d4ace8e662ac045c4c4a48fd96c
- SHA256
  
  a2bec890757af40dad832e848af2a1eeeff5af989975ed7aba512bebb7e403c4
- SHA512
  
  ab7f1f9093bfb562d9753554bc6de1145f12ad2bcf14c433254b82a758c388044514592772b855b3b53733b4e1b2a1b7c284814313eacfc543744df08c11d11c
- SSDEEP
  
  49152:Bk1IYtn/nOeTJKjUPIQ6IkW8kLf/8515pXhEQTZ1lsc47v9VmR9fhmkPFAuL4VBD:BkKY5TJKIsIkWF05Ve9VmRPynxi
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2