60a0faacc93a9d4918b196abbed73d33c0ae8e3f0a7fcfe9ad22843e2e35aac3 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

60a0faacc9...c3.exe

windows7-x64

7

60a0faacc9...c3.exe

windows10-2004-x64

7

Sharing

General

Target

60a0faacc93a9d4918b196abbed73d33c0ae8e3f0a7fcfe9ad22843e2e35aac3
Size

628KB
Sample

240524-2b258sde26
MD5

5e8cfe5d2f00b2aa6a5acb30b13baaaf
SHA1

31b3bf826b928ac46362dd6efc2bb08ff16ade2c
SHA256

60a0faacc93a9d4918b196abbed73d33c0ae8e3f0a7fcfe9ad22843e2e35aac3
SHA512

a9066f7296cb97bedc7c9f6885d3192274414bf4248326480f374fae9d2053867d1168d3f2c90da1a63e3850082a7a8c8b7437b9cbb305aacb212e2280be215e
SSDEEP

12288:hhzPCTxc7Fv0DTPVixnW+Warm0ZmmvlJre6MeyzfnOMuRsiYpK/CsFKyj:vqTmFM/9ixWbarm0tXe6xMuRPYEas

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

60a0faacc93a9d4918b196abbed73d33c0ae8e3f0a7fcfe9ad22843e2e35aac3.exe

Resource

win7-20240508-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

60a0faacc93a9d4918b196abbed73d33c0ae8e3f0a7fcfe9ad22843e2e35aac3.exe

Resource

win10v2004-20240226-en

spyware stealer

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  60a0faacc93a9d4918b196abbed73d33c0ae8e3f0a7fcfe9ad22843e2e35aac3
- Size
  
  628KB
- MD5
  
  5e8cfe5d2f00b2aa6a5acb30b13baaaf
- SHA1
  
  31b3bf826b928ac46362dd6efc2bb08ff16ade2c
- SHA256
  
  60a0faacc93a9d4918b196abbed73d33c0ae8e3f0a7fcfe9ad22843e2e35aac3
- SHA512
  
  a9066f7296cb97bedc7c9f6885d3192274414bf4248326480f374fae9d2053867d1168d3f2c90da1a63e3850082a7a8c8b7437b9cbb305aacb212e2280be215e
- SSDEEP
  
  12288:hhzPCTxc7Fv0DTPVixnW+Warm0ZmmvlJre6MeyzfnOMuRsiYpK/CsFKyj:vqTmFM/9ixWbarm0tXe6xMuRPYEas
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy