8543b374f449df76e3f734a5eb33b87cbd8d072c9f061819449becb1b2a42208 | Triage

Sharing

General

Target

8543b374f449df76e3f734a5eb33b87cbd8d072c9f061819449becb1b2a42208
Size

16KB
Sample

240608-w448eaed7s
MD5

93590cec2060bdcf7e9938c337cab858
SHA1

de8cf0569d29c895ddfc87ca8aca10c98fb07103
SHA256

8543b374f449df76e3f734a5eb33b87cbd8d072c9f061819449becb1b2a42208
SHA512

3fa104117172ee44c79799bdac31d7b152ad8ed11ef8acf87ec40031d02353dea29d409c875600b53cc12ae265911fcae0b341aee6efeae62931350213dd3c3b
SSDEEP

384:x+uPfoQ+DfYMzKdPEsOuubuEG3KHM2/YG:IMAQ+BzWPEwnE+KHM2/YG

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  8543b374f449df76e3f734a5eb33b87cbd8d072c9f061819449becb1b2a42208
- Size
  
  16KB
- MD5
  
  93590cec2060bdcf7e9938c337cab858
- SHA1
  
  de8cf0569d29c895ddfc87ca8aca10c98fb07103
- SHA256
  
  8543b374f449df76e3f734a5eb33b87cbd8d072c9f061819449becb1b2a42208
- SHA512
  
  3fa104117172ee44c79799bdac31d7b152ad8ed11ef8acf87ec40031d02353dea29d409c875600b53cc12ae265911fcae0b341aee6efeae62931350213dd3c3b
- SSDEEP
  
  384:x+uPfoQ+DfYMzKdPEsOuubuEG3KHM2/YG:IMAQ+BzWPEwnE+KHM2/YG
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer