ae48ed20ecdef928586f25d9c1536af61899afb2e99b45c59fd1b7c4f54232de | Triage

Sharing

General

Target

ae48ed20ecdef928586f25d9c1536af61899afb2e99b45c59fd1b7c4f54232de
Size

17KB
Sample

240524-ejp5bacc88
MD5

d42f5455c1a75089706a78458b5ab120
SHA1

4da003a8dd0326308882b8db4f19c5f71786ea58
SHA256

ae48ed20ecdef928586f25d9c1536af61899afb2e99b45c59fd1b7c4f54232de
SHA512

eb29b4013e2433a9e7f65b908370e9cf8968e3b713b67d9059184a4170373bfafaea4bc4f23c79478c9a4e161e4fc49c04e77fbe4c9dcf5e77b10f21aae1d010
SSDEEP

384:x+uPfoQ+DfYMzKdPEsOuubuEG3KHM2/DB8TE7T:IMAQ+BzWPEwnE+KHM2/+T4T

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  ae48ed20ecdef928586f25d9c1536af61899afb2e99b45c59fd1b7c4f54232de
- Size
  
  17KB
- MD5
  
  d42f5455c1a75089706a78458b5ab120
- SHA1
  
  4da003a8dd0326308882b8db4f19c5f71786ea58
- SHA256
  
  ae48ed20ecdef928586f25d9c1536af61899afb2e99b45c59fd1b7c4f54232de
- SHA512
  
  eb29b4013e2433a9e7f65b908370e9cf8968e3b713b67d9059184a4170373bfafaea4bc4f23c79478c9a4e161e4fc49c04e77fbe4c9dcf5e77b10f21aae1d010
- SSDEEP
  
  384:x+uPfoQ+DfYMzKdPEsOuubuEG3KHM2/DB8TE7T:IMAQ+BzWPEwnE+KHM2/+T4T
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer