0b74c13914f712fce5bb41c25a443c4214a97792bdbb6fea05b98350901405ff | Triage

Submit
Reports

Overview

overview

7

Static

static

1

TelamonCle...tr.exe

windows11-21h2-x64

7

Sharing

General

Target

TelamonCleaner_id66510e9929ef0tr.exe
Size

2.3MB
Sample

240524-1y9yxsda32
MD5

6a80889e81911157ca27df5bc5ac2e09
SHA1

02ac28dd7124317e294fac847a05b69411c9cdb2
SHA256

0b74c13914f712fce5bb41c25a443c4214a97792bdbb6fea05b98350901405ff
SHA512

329ec105834f4531386090074994e5c4ddbdaf4cc4801956b675e258e9167f9e70cf31b8d636d119b59b57af0912decdc259d12999842008cec807a967c89aef
SSDEEP

24576:U7FUDowAyrTVE3U5FR7EqKt4QqImIRxbFCtrzARkiXP9oZcEo4V2cUifUjYRm96F:UBuZrEUuXpqIzfbFsW/aOEPrSgmKvrjb

Score

7^/10

discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

TelamonCleaner_id66510e9929ef0tr.exe

Resource

win11-20240426-en

discovery spyware stealer

windows11-21h2-x64

17 signatures

150 seconds

Malware Config

Targets

- Target
  
  TelamonCleaner_id66510e9929ef0tr.exe
- Size
  
  2.3MB
- MD5
  
  6a80889e81911157ca27df5bc5ac2e09
- SHA1
  
  02ac28dd7124317e294fac847a05b69411c9cdb2
- SHA256
  
  0b74c13914f712fce5bb41c25a443c4214a97792bdbb6fea05b98350901405ff
- SHA512
  
  329ec105834f4531386090074994e5c4ddbdaf4cc4801956b675e258e9167f9e70cf31b8d636d119b59b57af0912decdc259d12999842008cec807a967c89aef
- SSDEEP
  
  24576:U7FUDowAyrTVE3U5FR7EqKt4QqImIRxbFCtrzARkiXP9oZcEo4V2cUifUjYRm96F:UBuZrEUuXpqIzfbFsW/aOEPrSgmKvrjb
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryspywarestealer

© 2018-2024

Terms | Privacy