2fd451fbf077a9d908988cdde0a783329956f18ba1817401a037ae21508019a6 | Triage

Sharing

General

Target

2fd451fbf077a9d908988cdde0a783329956f18ba1817401a037ae21508019a6
Size

717KB
Sample

240522-192fxsba6v
MD5

dd37d9a76c03c9a2801542308a37d27e
SHA1

eaf5d0c872de895c96b655ad30384618a0d9c1d1
SHA256

2fd451fbf077a9d908988cdde0a783329956f18ba1817401a037ae21508019a6
SHA512

283930fb99a34aa881da0fa91e8761f79515507cf7551fd6c84cc17aafff5542ae002729734b80dc6a113092b58cb0fbf1c4df408d10cb3da73704e93e9901f9
SSDEEP

12288:73WFjJfC6Aj+TN5uixZN+8rKhUdTC/wE1ZD0Ca5ZIXV:73M9LOS2opPIXV

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  2fd451fbf077a9d908988cdde0a783329956f18ba1817401a037ae21508019a6
- Size
  
  717KB
- MD5
  
  dd37d9a76c03c9a2801542308a37d27e
- SHA1
  
  eaf5d0c872de895c96b655ad30384618a0d9c1d1
- SHA256
  
  2fd451fbf077a9d908988cdde0a783329956f18ba1817401a037ae21508019a6
- SHA512
  
  283930fb99a34aa881da0fa91e8761f79515507cf7551fd6c84cc17aafff5542ae002729734b80dc6a113092b58cb0fbf1c4df408d10cb3da73704e93e9901f9
- SSDEEP
  
  12288:73WFjJfC6Aj+TN5uixZN+8rKhUdTC/wE1ZD0Ca5ZIXV:73M9LOS2opPIXV
Score

8^/10

spyware stealer
- Drops file in Drivers directory
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2