1851de02b0b85132c5909bf01e4f93f63557df645ae62ca4e27fb105915e55c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1851de02b0b85132c5909bf01e4f93f63557df645ae62ca4e27fb105915e55c8
Size

332KB
Sample

240517-xsp5saeb67
MD5

e90ef3a70cb9f841735a7458633d4172
SHA1

704decf97b5ec72e4da24325899a6e0e038ec717
SHA256

1851de02b0b85132c5909bf01e4f93f63557df645ae62ca4e27fb105915e55c8
SHA512

a97bb2550ffee56a0ba049b7da902b73d898e3b1019d83a8f78b42e8f81d0413f68e0f1084500e8e5f537e10c7b3a574781a3465194cd1babf241c0a7b0e48f7
SSDEEP

6144:LIC9rR53g62Ka0NtBWovZQr6GFUliBRAl72oSfon+0RX6qws:XdT9NX6rxU2RAl72oSfM+a6

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  1851de02b0b85132c5909bf01e4f93f63557df645ae62ca4e27fb105915e55c8
- Size
  
  332KB
- MD5
  
  e90ef3a70cb9f841735a7458633d4172
- SHA1
  
  704decf97b5ec72e4da24325899a6e0e038ec717
- SHA256
  
  1851de02b0b85132c5909bf01e4f93f63557df645ae62ca4e27fb105915e55c8
- SHA512
  
  a97bb2550ffee56a0ba049b7da902b73d898e3b1019d83a8f78b42e8f81d0413f68e0f1084500e8e5f537e10c7b3a574781a3465194cd1babf241c0a7b0e48f7
- SSDEEP
  
  6144:LIC9rR53g62Ka0NtBWovZQr6GFUliBRAl72oSfon+0RX6qws:XdT9NX6rxU2RAl72oSfM+a6
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2