765588f23c201b5815b8f79dc9944827876ce28d8ca4bf60d4c687c2a31b8d8e | Triage

Sharing

General

Target

765588f23c201b5815b8f79dc9944827876ce28d8ca4bf60d4c687c2a31b8d8e
Size

694KB
Sample

240528-lzqjcaeg8w
MD5

15edb5f3d8dc8b4bb3560bd7a9b3eff6
SHA1

35ee09a607af1e28015862df58d890eef9bcd27e
SHA256

765588f23c201b5815b8f79dc9944827876ce28d8ca4bf60d4c687c2a31b8d8e
SHA512

e5c85752efba5f785f67a5b7c406233a2c3a5fff22903068c2c85a4596de1080f84f40bc58c2aef13de7fe4419e2aa8ebed5ee4ca5617575caf56823920a8b19
SSDEEP

12288:/PzJgrpXt3hcorRSJwGHuwbwDdlELUDyoagA0rtmmrBE:/PzJgrVtxcolSJwGHuOud6L9fN0pmr

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  765588f23c201b5815b8f79dc9944827876ce28d8ca4bf60d4c687c2a31b8d8e
- Size
  
  694KB
- MD5
  
  15edb5f3d8dc8b4bb3560bd7a9b3eff6
- SHA1
  
  35ee09a607af1e28015862df58d890eef9bcd27e
- SHA256
  
  765588f23c201b5815b8f79dc9944827876ce28d8ca4bf60d4c687c2a31b8d8e
- SHA512
  
  e5c85752efba5f785f67a5b7c406233a2c3a5fff22903068c2c85a4596de1080f84f40bc58c2aef13de7fe4419e2aa8ebed5ee4ca5617575caf56823920a8b19
- SSDEEP
  
  12288:/PzJgrpXt3hcorRSJwGHuwbwDdlELUDyoagA0rtmmrBE:/PzJgrVtxcolSJwGHuOud6L9fN0pmr
Score

7^/10

spyware stealer
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2