7b361ed065c91a698c777c22da6e41e1d916fbcd980e25d81a10cfee59e2547b | Triage

Sharing

General

Target

7b361ed065c91a698c777c22da6e41e1d916fbcd980e25d81a10cfee59e2547b
Size

2.8MB
Sample

240523-ex5f6adg24
MD5

e6737de792b148398d431a35df459179
SHA1

50426fa035ffd1799f4fd942f40673869700e647
SHA256

7b361ed065c91a698c777c22da6e41e1d916fbcd980e25d81a10cfee59e2547b
SHA512

1671da6be15c09a065c5a57e9d3d966e64a6843ce5794a0b7ff7317adc0328f30741facfd9c026a983b462e01987136b5069f05ec7c608fa10c2fec01887f6ce
SSDEEP

49152:ZBj6gLKJuMarhVnMFwTH8/giBiBcbk4ZxZ2DqFeVMhuxcPh:Zcd1XdhBiiMa7

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  7b361ed065c91a698c777c22da6e41e1d916fbcd980e25d81a10cfee59e2547b
- Size
  
  2.8MB
- MD5
  
  e6737de792b148398d431a35df459179
- SHA1
  
  50426fa035ffd1799f4fd942f40673869700e647
- SHA256
  
  7b361ed065c91a698c777c22da6e41e1d916fbcd980e25d81a10cfee59e2547b
- SHA512
  
  1671da6be15c09a065c5a57e9d3d966e64a6843ce5794a0b7ff7317adc0328f30741facfd9c026a983b462e01987136b5069f05ec7c608fa10c2fec01887f6ce
- SSDEEP
  
  49152:ZBj6gLKJuMarhVnMFwTH8/giBiBcbk4ZxZ2DqFeVMhuxcPh:Zcd1XdhBiiMa7
Score

7^/10

spyware stealer
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2