963006ea3a64e9c29c082a9d655d39b1cc8994c79471ab7809b4dc5ae27723b9 | Triage

Sharing

General

Target

963006ea3a64e9c29c082a9d655d39b1cc8994c79471ab7809b4dc5ae27723b9
Size

17KB
Sample

240601-v2rzmaad95
MD5

4aac6eb7cc4e1773555170e98598e3eb
SHA1

edce9398c75bc2ba834dc7e11ecfc791e3b2b667
SHA256

963006ea3a64e9c29c082a9d655d39b1cc8994c79471ab7809b4dc5ae27723b9
SHA512

b9c3a6d7d4715923efaefc9e4b5b6ee806f20681bea9efa81fa8d30849fd4a9dcd549b63ebb73fa5f4d873020ecb1c932ded61e1cfe9483f8ef78554b2a94274
SSDEEP

384:x+uPfoQ+DfYMzKdPEsOuubuEG3KHM2/VgT:IMAQ+BzWPEwnE+KHM2/VgT

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  963006ea3a64e9c29c082a9d655d39b1cc8994c79471ab7809b4dc5ae27723b9
- Size
  
  17KB
- MD5
  
  4aac6eb7cc4e1773555170e98598e3eb
- SHA1
  
  edce9398c75bc2ba834dc7e11ecfc791e3b2b667
- SHA256
  
  963006ea3a64e9c29c082a9d655d39b1cc8994c79471ab7809b4dc5ae27723b9
- SHA512
  
  b9c3a6d7d4715923efaefc9e4b5b6ee806f20681bea9efa81fa8d30849fd4a9dcd549b63ebb73fa5f4d873020ecb1c932ded61e1cfe9483f8ef78554b2a94274
- SSDEEP
  
  384:x+uPfoQ+DfYMzKdPEsOuubuEG3KHM2/VgT:IMAQ+BzWPEwnE+KHM2/VgT
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer