3623402234d8d8c9266e5af2c72aabf05708da67885e8f5ac8ecaf26e3076b80 | Triage

Sharing

General

Target

3623402234d8d8c9266e5af2c72aabf05708da67885e8f5ac8ecaf26e3076b80
Size

2.6MB
Sample

240523-lam2xsbg6z
MD5

bb9c435ba43a3c9d7e7be36055ad28fd
SHA1

d2b1d287ac1bfa98aad040c7474426aafe8036b4
SHA256

3623402234d8d8c9266e5af2c72aabf05708da67885e8f5ac8ecaf26e3076b80
SHA512

7ca574200fa515a645bde7814785e9d72ec369e07e298d17ab11be5982b42eedd906b4cfd4248b5da139bf1cfe1e36035b9ee12786064e69d4bdd47bd21f0966
SSDEEP

49152:okMuvVuUhzpNdgTSpkEpkuvJx7ta2jSjhTSGIo8Y70tpyeyLIDuP8BPeq+drkjLT:oknHjyTMppkufRa2m2tpy90PdmrABR

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  3623402234d8d8c9266e5af2c72aabf05708da67885e8f5ac8ecaf26e3076b80
- Size
  
  2.6MB
- MD5
  
  bb9c435ba43a3c9d7e7be36055ad28fd
- SHA1
  
  d2b1d287ac1bfa98aad040c7474426aafe8036b4
- SHA256
  
  3623402234d8d8c9266e5af2c72aabf05708da67885e8f5ac8ecaf26e3076b80
- SHA512
  
  7ca574200fa515a645bde7814785e9d72ec369e07e298d17ab11be5982b42eedd906b4cfd4248b5da139bf1cfe1e36035b9ee12786064e69d4bdd47bd21f0966
- SSDEEP
  
  49152:okMuvVuUhzpNdgTSpkEpkuvJx7ta2jSjhTSGIo8Y70tpyeyLIDuP8BPeq+drkjLT:oknHjyTMppkufRa2m2tpy90PdmrABR
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2