97ed426a48336a417e8ec3acb20d45cd7f52596449f2cc3a5c7b72a007dff4e1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97ed426a48336a417e8ec3acb20d45cd7f52596449f2cc3a5c7b72a007dff4e1
Size

71KB
Sample

240529-akkh1abd36
MD5

6c623e65969c08c0b0a0395bb03b8acb
SHA1

850ac5209f2654c6f0c18996ac3fe6900164b446
SHA256

97ed426a48336a417e8ec3acb20d45cd7f52596449f2cc3a5c7b72a007dff4e1
SHA512

9bf6ecfceb49b85cc0de560bb7fb7bb72950b0963c0005bc487ce59359d1dabd45780afde3ac6d027d39417464f9e919426835f3fd9f7cf422e9ba2629293eb3
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTb:ZRpAyazIliazTb

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  97ed426a48336a417e8ec3acb20d45cd7f52596449f2cc3a5c7b72a007dff4e1
- Size
  
  71KB
- MD5
  
  6c623e65969c08c0b0a0395bb03b8acb
- SHA1
  
  850ac5209f2654c6f0c18996ac3fe6900164b446
- SHA256
  
  97ed426a48336a417e8ec3acb20d45cd7f52596449f2cc3a5c7b72a007dff4e1
- SHA512
  
  9bf6ecfceb49b85cc0de560bb7fb7bb72950b0963c0005bc487ce59359d1dabd45780afde3ac6d027d39417464f9e919426835f3fd9f7cf422e9ba2629293eb3
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTb:ZRpAyazIliazTb
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer