54f7f3b113bc233f32d95f6861ed9f716976512173ee958d0f349dac97e991ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54f7f3b113bc233f32d95f6861ed9f716976512173ee958d0f349dac97e991ea
Size

2.6MB
Sample

240505-bme7qshh71
MD5

625c0ac260c3e91787ad57819a18f96b
SHA1

f872b9e7b2fd940a10f7b87734c9e0098fdb0c52
SHA256

54f7f3b113bc233f32d95f6861ed9f716976512173ee958d0f349dac97e991ea
SHA512

43b43514f7026143999eaeccb9e4f8b8d66a6ea7c89f3498b0008f0a03fe688ad650bf3ce57a2abae73e6f254570a52a590ac1cd1a4f851bff1abcd8d406d8fa
SSDEEP

49152:i3GRfLISK1RjB0+hi962F3fbClIeZaF5pXhEQTZ1lsc47vFn2Iwh2sUjfBjxZng:2+w1RjB0ia6Y3fbb6aFeFn2IDV7C

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  54f7f3b113bc233f32d95f6861ed9f716976512173ee958d0f349dac97e991ea
- Size
  
  2.6MB
- MD5
  
  625c0ac260c3e91787ad57819a18f96b
- SHA1
  
  f872b9e7b2fd940a10f7b87734c9e0098fdb0c52
- SHA256
  
  54f7f3b113bc233f32d95f6861ed9f716976512173ee958d0f349dac97e991ea
- SHA512
  
  43b43514f7026143999eaeccb9e4f8b8d66a6ea7c89f3498b0008f0a03fe688ad650bf3ce57a2abae73e6f254570a52a590ac1cd1a4f851bff1abcd8d406d8fa
- SSDEEP
  
  49152:i3GRfLISK1RjB0+hi962F3fbClIeZaF5pXhEQTZ1lsc47vFn2Iwh2sUjfBjxZng:2+w1RjB0ia6Y3fbb6aFeFn2IDV7C
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2