dfa772294afc0635a9d1f4daf75c2f4560617c306f11241074bb7246e60db61d | Triage

Sharing

General

Target

dfa772294afc0635a9d1f4daf75c2f4560617c306f11241074bb7246e60db61d
Size

296KB
Sample

240512-few8hahc6s
MD5

163603face8c116973ae3976acac0fb8
SHA1

145200a3eb064cdfb3a07ebe6731eddf6dc36f27
SHA256

dfa772294afc0635a9d1f4daf75c2f4560617c306f11241074bb7246e60db61d
SHA512

d51a95d7fec950176a4c76816ed3ffc1c5d605e38cc1d6b17b01e9449208ca9d412bb89bf42de6a9e270d5a9e2185e80e0226128a30fe0f952cffcdf7b01f01f
SSDEEP

6144:xvu340ef/U3WOZMXB1ouwz0oRbBhUO2WgyFxtcoYCPxtETd2bZyC:wBoB1Nwz0oRbBd2WgyFxWoHxtEgsC

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  dfa772294afc0635a9d1f4daf75c2f4560617c306f11241074bb7246e60db61d
- Size
  
  296KB
- MD5
  
  163603face8c116973ae3976acac0fb8
- SHA1
  
  145200a3eb064cdfb3a07ebe6731eddf6dc36f27
- SHA256
  
  dfa772294afc0635a9d1f4daf75c2f4560617c306f11241074bb7246e60db61d
- SHA512
  
  d51a95d7fec950176a4c76816ed3ffc1c5d605e38cc1d6b17b01e9449208ca9d412bb89bf42de6a9e270d5a9e2185e80e0226128a30fe0f952cffcdf7b01f01f
- SSDEEP
  
  6144:xvu340ef/U3WOZMXB1ouwz0oRbBhUO2WgyFxtcoYCPxtETd2bZyC:wBoB1Nwz0oRbBd2WgyFxWoHxtEgsC
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2