145f4e0e2c97ae1d80d10399900b7ded71e0d9969286a88ec33f4d9ed6c19a58 | Triage

Sharing

General

Target

145f4e0e2c97ae1d80d10399900b7ded71e0d9969286a88ec33f4d9ed6c19a58
Size

2.7MB
Sample

240523-mn8q8add39
MD5

eef2f88a583ca9043587ec5f91a5cf79
SHA1

16f79803e436956dc2c21548cd93664b2222febe
SHA256

145f4e0e2c97ae1d80d10399900b7ded71e0d9969286a88ec33f4d9ed6c19a58
SHA512

dee68a944bfd6c359bc51dee83b9c3a70ff17edbd778466e7db24d73492a26a7cacf85ba8e91af479972e85bb9b332c5b49c0df9f45af0b8732c3f7c70f945f9
SSDEEP

49152:5luJTB3M5r+G5rLT0QViZEf4f32FjSjhTSGIo8Y70tArkpVRGE4b7O6PNs:5lukBfVQpf2Fm2tTrmF6

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  145f4e0e2c97ae1d80d10399900b7ded71e0d9969286a88ec33f4d9ed6c19a58
- Size
  
  2.7MB
- MD5
  
  eef2f88a583ca9043587ec5f91a5cf79
- SHA1
  
  16f79803e436956dc2c21548cd93664b2222febe
- SHA256
  
  145f4e0e2c97ae1d80d10399900b7ded71e0d9969286a88ec33f4d9ed6c19a58
- SHA512
  
  dee68a944bfd6c359bc51dee83b9c3a70ff17edbd778466e7db24d73492a26a7cacf85ba8e91af479972e85bb9b332c5b49c0df9f45af0b8732c3f7c70f945f9
- SSDEEP
  
  49152:5luJTB3M5r+G5rLT0QViZEf4f32FjSjhTSGIo8Y70tArkpVRGE4b7O6PNs:5lukBfVQpf2Fm2tTrmF6
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2