42e56114246085fbc6939b370d91cddd0028f36597d262fe6f8a612c2f87214a | Triage

Sharing

General

Target

42e56114246085fbc6939b370d91cddd0028f36597d262fe6f8a612c2f87214a
Size

666KB
Sample

240507-h3t46ahc92
MD5

f3cf1512b1b57c1f6fcda42c95c861e2
SHA1

9b5f982e8462ec971538916de71df4d72847228e
SHA256

42e56114246085fbc6939b370d91cddd0028f36597d262fe6f8a612c2f87214a
SHA512

d144a0d3fa8d84db35540837531ac1878ee197f928c0e3fc749d73fb004f8ea70a81bd5304e84ad03e7afe534b118c7180b1d867ed64c620bfec6203e27aeb6a
SSDEEP

6144:mZi13PC9LRU0ySj14WH+JPb7uL8zRMnJjNhAp7SO8zRMnJjNhAp7S8FRcdEKFVAh:mZi13KPFlTz

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  42e56114246085fbc6939b370d91cddd0028f36597d262fe6f8a612c2f87214a
- Size
  
  666KB
- MD5
  
  f3cf1512b1b57c1f6fcda42c95c861e2
- SHA1
  
  9b5f982e8462ec971538916de71df4d72847228e
- SHA256
  
  42e56114246085fbc6939b370d91cddd0028f36597d262fe6f8a612c2f87214a
- SHA512
  
  d144a0d3fa8d84db35540837531ac1878ee197f928c0e3fc749d73fb004f8ea70a81bd5304e84ad03e7afe534b118c7180b1d867ed64c620bfec6203e27aeb6a
- SSDEEP
  
  6144:mZi13PC9LRU0ySj14WH+JPb7uL8zRMnJjNhAp7SO8zRMnJjNhAp7S8FRcdEKFVAh:mZi13KPFlTz
Score

7^/10

spyware stealer
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2