bd5a37a8d2cdc44d60e5f550eb02e84fe41e380c341c404a4ffb71f9fc057e4a | Triage

Sharing

General

Target

CleanUp.dll
Size

472KB
Sample

240521-da4qnsfg4x
MD5

9b589bdef7751d9f6e102d8ec1dd3740
SHA1

7af0251fa97aaa8ed0017b93c01a30ae01bc91c0
SHA256

bd5a37a8d2cdc44d60e5f550eb02e84fe41e380c341c404a4ffb71f9fc057e4a
SHA512

819401f0a74efc80001110b83c360765ebdb88ffe4738092b4abd2dd8e1bf51d32b54b2190af0f7bbae3830ab797456ea22ecd4275c261727fbb2b3c0536ee10
SSDEEP

12288:USXo1x8EicZyXeATBSrEW5bl+wtWVkhxUnMBRKl+ebeg0Lz:UgeE0+wtWVOxDBAl+6eg0n

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  CleanUp.dll
- Size
  
  472KB
- MD5
  
  9b589bdef7751d9f6e102d8ec1dd3740
- SHA1
  
  7af0251fa97aaa8ed0017b93c01a30ae01bc91c0
- SHA256
  
  bd5a37a8d2cdc44d60e5f550eb02e84fe41e380c341c404a4ffb71f9fc057e4a
- SHA512
  
  819401f0a74efc80001110b83c360765ebdb88ffe4738092b4abd2dd8e1bf51d32b54b2190af0f7bbae3830ab797456ea22ecd4275c261727fbb2b3c0536ee10
- SSDEEP
  
  12288:USXo1x8EicZyXeATBSrEW5bl+wtWVkhxUnMBRKl+ebeg0Lz:UgeE0+wtWVOxDBAl+6eg0n
Score

8^/10

spyware stealer
- Blocklisted process makes network request
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3