801dcfae15873652784ff3f4f69f9eb805b944318be29d12b40b1864cf637988 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

801dcfae15...88.exe

windows7-x64

7

801dcfae15...88.exe

windows10-2004-x64

7

Sharing

General

Target

801dcfae15873652784ff3f4f69f9eb805b944318be29d12b40b1864cf637988
Size

1.8MB
Sample

240522-2bwnfsbb4z
MD5

0cab400c2e5b1318c997d488204ff929
SHA1

0dfe1ba3351a78680208aebb9004ecc0e8c10ada
SHA256

801dcfae15873652784ff3f4f69f9eb805b944318be29d12b40b1864cf637988
SHA512

0d36c4e5f94be28664f267a0aea5dbce197bb151dba470aa6293c51636ec4802b8220fe62f095ec42a1334a30fe501d5065600bab1b379c2e560662fad0c85d6
SSDEEP

49152:ZKJ0WR7AFPyyiSruXKpk3WFDL9zxnSBxUln6qr/6O:ZKlBAFPydSS6W6X9lnui6qrZ

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

801dcfae15873652784ff3f4f69f9eb805b944318be29d12b40b1864cf637988.exe

Resource

win7-20240221-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

801dcfae15873652784ff3f4f69f9eb805b944318be29d12b40b1864cf637988.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  801dcfae15873652784ff3f4f69f9eb805b944318be29d12b40b1864cf637988
- Size
  
  1.8MB
- MD5
  
  0cab400c2e5b1318c997d488204ff929
- SHA1
  
  0dfe1ba3351a78680208aebb9004ecc0e8c10ada
- SHA256
  
  801dcfae15873652784ff3f4f69f9eb805b944318be29d12b40b1864cf637988
- SHA512
  
  0d36c4e5f94be28664f267a0aea5dbce197bb151dba470aa6293c51636ec4802b8220fe62f095ec42a1334a30fe501d5065600bab1b379c2e560662fad0c85d6
- SSDEEP
  
  49152:ZKJ0WR7AFPyyiSruXKpk3WFDL9zxnSBxUln6qr/6O:ZKlBAFPydSS6W6X9lnui6qrZ
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy