c35269f7174fca4d6c47d66f7ab60fc0f4f401b91caaca17b3c637fad3ed4c82 | Triage

Sharing

General

Target

c35269f7174fca4d6c47d66f7ab60fc0f4f401b91caaca17b3c637fad3ed4c82
Size

33KB
Sample

240505-rqy21sce6t
MD5

0d20f038ad62ff6b5fd30ce3ea460037
SHA1

1a654b3d6703c1e9aab6f420ee722184179558b7
SHA256

c35269f7174fca4d6c47d66f7ab60fc0f4f401b91caaca17b3c637fad3ed4c82
SHA512

e15973fd11e948fffa2e93296070c4c90b459b869e2548e37d02add2a948f0a6b4aa84c35ee971eb994a5187f114dbccfce2efbbaf981afd1a0e47b2aa5f5689
SSDEEP

768:PksElOIEvzMXqtwp/lttaL7HP4wIncLRdR5kP78a0RJW/a:PksaYzMXqtGNttyUn01Q78a4R

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  c35269f7174fca4d6c47d66f7ab60fc0f4f401b91caaca17b3c637fad3ed4c82
- Size
  
  33KB
- MD5
  
  0d20f038ad62ff6b5fd30ce3ea460037
- SHA1
  
  1a654b3d6703c1e9aab6f420ee722184179558b7
- SHA256
  
  c35269f7174fca4d6c47d66f7ab60fc0f4f401b91caaca17b3c637fad3ed4c82
- SHA512
  
  e15973fd11e948fffa2e93296070c4c90b459b869e2548e37d02add2a948f0a6b4aa84c35ee971eb994a5187f114dbccfce2efbbaf981afd1a0e47b2aa5f5689
- SSDEEP
  
  768:PksElOIEvzMXqtwp/lttaL7HP4wIncLRdR5kP78a0RJW/a:PksaYzMXqtGNttyUn01Q78a4R
Score

8^/10

spyware stealer
- Drops file in Drivers directory
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2