e5cb3d224a4cfad48b0f2e969517b1f36f30f3df6e740ec7847f14b99c7bb056 | Triage

Sharing

General

Target

e5cb3d224a4cfad48b0f2e969517b1f36f30f3df6e740ec7847f14b99c7bb056
Size

17KB
Sample

240524-sy2csaaf7x
MD5

9886387844b724ccba32b87acee4aaff
SHA1

aed0d7bd5ba6a82d5f46224844d2f3cdbc8350ce
SHA256

e5cb3d224a4cfad48b0f2e969517b1f36f30f3df6e740ec7847f14b99c7bb056
SHA512

4188108a383c5aff3f71f3ea7f53a9671507b231e6eea72535534abfa76c61813c121c23018ab0a0e9aa508f8b8f5f80e63f34bfc53e2cd77bab05d03b0ff081
SSDEEP

384:x+uPfoQ+DfYMzKdPEsOuubuEG3KHM2/FTk0S:IMAQ+BzWPEwnE+KHM2/O

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  e5cb3d224a4cfad48b0f2e969517b1f36f30f3df6e740ec7847f14b99c7bb056
- Size
  
  17KB
- MD5
  
  9886387844b724ccba32b87acee4aaff
- SHA1
  
  aed0d7bd5ba6a82d5f46224844d2f3cdbc8350ce
- SHA256
  
  e5cb3d224a4cfad48b0f2e969517b1f36f30f3df6e740ec7847f14b99c7bb056
- SHA512
  
  4188108a383c5aff3f71f3ea7f53a9671507b231e6eea72535534abfa76c61813c121c23018ab0a0e9aa508f8b8f5f80e63f34bfc53e2cd77bab05d03b0ff081
- SSDEEP
  
  384:x+uPfoQ+DfYMzKdPEsOuubuEG3KHM2/FTk0S:IMAQ+BzWPEwnE+KHM2/O
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer