5fd56261aab360ecd985cc23973185fd9026a80a46893cfcb8cc9ec8b2356c60 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fd56261aab360ecd985cc23973185fd9026a80a46893cfcb8cc9ec8b2356c60
Size

375KB
Sample

240602-qrt9sade4w
MD5

11dd82b7f6129f2aa9446357b7e047fd
SHA1

fa43087090284f896f618e1679cd66d9028c6711
SHA256

5fd56261aab360ecd985cc23973185fd9026a80a46893cfcb8cc9ec8b2356c60
SHA512

c3d9abf31c3cd3fbbcef5db2699e811798b930a2a073e042c00ae542c9c133789d4c2957076c5650432faffbc80b6d181725824c029a6f9391b0f1734b19c567
SSDEEP

6144:k/KW+aezZzU66bkWmchVySqkvAH3qo0wWJC6G/SMT4FWqC:HW+aQU66b5zhVymA/XSRh

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  5fd56261aab360ecd985cc23973185fd9026a80a46893cfcb8cc9ec8b2356c60
- Size
  
  375KB
- MD5
  
  11dd82b7f6129f2aa9446357b7e047fd
- SHA1
  
  fa43087090284f896f618e1679cd66d9028c6711
- SHA256
  
  5fd56261aab360ecd985cc23973185fd9026a80a46893cfcb8cc9ec8b2356c60
- SHA512
  
  c3d9abf31c3cd3fbbcef5db2699e811798b930a2a073e042c00ae542c9c133789d4c2957076c5650432faffbc80b6d181725824c029a6f9391b0f1734b19c567
- SSDEEP
  
  6144:k/KW+aezZzU66bkWmchVySqkvAH3qo0wWJC6G/SMT4FWqC:HW+aQU66b5zhVymA/XSRh
Score

7^/10

spyware stealer
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2