98caba8b3fba33300ba478001c572a76c90fd1b7d1b4bc48ecd9a9e67aa117bb | Triage

Sharing

General

Target

98caba8b3fba33300ba478001c572a76c90fd1b7d1b4bc48ecd9a9e67aa117bb
Size

765KB
Sample

240429-ahzj5sch91
MD5

49a94faa72e440e69df66fba95ebcc77
SHA1

6e552f60ff0c5e696e837b4bf37d5ab51e3b6766
SHA256

98caba8b3fba33300ba478001c572a76c90fd1b7d1b4bc48ecd9a9e67aa117bb
SHA512

e433cee91a433cbd4484e28172b79fa97fdcb99e98d43c0d52d9ec9d8c03e232f5bb50f50e6a6273276e219048c4152b01c64547d77363456eb3a1f4484dfb50
SSDEEP

12288:W+/FdZYf2y6nHeAz/DURM9TvdwHRVgeVNzcy0VXGYFOW6JxeL9/oJb9d:b9do2yM/DUarEVdxrgXGfWLZAT

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  98caba8b3fba33300ba478001c572a76c90fd1b7d1b4bc48ecd9a9e67aa117bb
- Size
  
  765KB
- MD5
  
  49a94faa72e440e69df66fba95ebcc77
- SHA1
  
  6e552f60ff0c5e696e837b4bf37d5ab51e3b6766
- SHA256
  
  98caba8b3fba33300ba478001c572a76c90fd1b7d1b4bc48ecd9a9e67aa117bb
- SHA512
  
  e433cee91a433cbd4484e28172b79fa97fdcb99e98d43c0d52d9ec9d8c03e232f5bb50f50e6a6273276e219048c4152b01c64547d77363456eb3a1f4484dfb50
- SSDEEP
  
  12288:W+/FdZYf2y6nHeAz/DURM9TvdwHRVgeVNzcy0VXGYFOW6JxeL9/oJb9d:b9do2yM/DUarEVdxrgXGfWLZAT
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2