597ca08dea2c7aa2551cd932c2d79cc6f12fb24f4ac9ecaf1ba45a0c3576c3e2 | Triage

Sharing

General

Target

Authenticator.exe
Size

3.5MB
Sample

240601-q2y1qaef49
MD5

7c0c6044c5a9a14feb436705b0eb29d2
SHA1

029d9abe075599e013aa1e76d33b78470aab9c5b
SHA256

597ca08dea2c7aa2551cd932c2d79cc6f12fb24f4ac9ecaf1ba45a0c3576c3e2
SHA512

64bdeec8be75a99687c1ccf3284e6453f48978b9fcebcf6ef8a31e7e36ba7fd38f2e0a31ae79693cae1fa44930a1752341dd173989f4fe42caaef541767ce074
SSDEEP

49152:yNAryfH4y9JnO/BXCRr2mLxZHQy1RhCvBl6j/IvOnb08InAT23HAGdmb:322/vjAbYb3gGd

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Authenticator.exe
- Size
  
  3.5MB
- MD5
  
  7c0c6044c5a9a14feb436705b0eb29d2
- SHA1
  
  029d9abe075599e013aa1e76d33b78470aab9c5b
- SHA256
  
  597ca08dea2c7aa2551cd932c2d79cc6f12fb24f4ac9ecaf1ba45a0c3576c3e2
- SHA512
  
  64bdeec8be75a99687c1ccf3284e6453f48978b9fcebcf6ef8a31e7e36ba7fd38f2e0a31ae79693cae1fa44930a1752341dd173989f4fe42caaef541767ce074
- SSDEEP
  
  49152:yNAryfH4y9JnO/BXCRr2mLxZHQy1RhCvBl6j/IvOnb08InAT23HAGdmb:322/vjAbYb3gGd
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3