b6c29383e2d1350c451731cc354b089583679a74902bb9be9bb8606b73142f4f | Triage

Sharing

General

Target

b6c29383e2d1350c451731cc354b089583679a74902bb9be9bb8606b73142f4f
Size

2.8MB
Sample

240609-hbbhqseh6v
MD5

7e2ded6b40f707c5a48b01b6b0c42eb5
SHA1

8db426a7a5d9c36b201b51699c23de745435ccd0
SHA256

b6c29383e2d1350c451731cc354b089583679a74902bb9be9bb8606b73142f4f
SHA512

2434231606079ff2404a3a25674bbfec6a7346f7c2cd2534a5224fbc055eb18af44eb7a232a79fa1e32f410161d935b66e1fbbff17c637c06186c1893e0fbbae
SSDEEP

49152:BPa6gLKJuMarhVnMFwTH8/giBiBcbk4ZxZ2DqFeVMhuxcPh:hd1XdhBiiMa7

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  b6c29383e2d1350c451731cc354b089583679a74902bb9be9bb8606b73142f4f
- Size
  
  2.8MB
- MD5
  
  7e2ded6b40f707c5a48b01b6b0c42eb5
- SHA1
  
  8db426a7a5d9c36b201b51699c23de745435ccd0
- SHA256
  
  b6c29383e2d1350c451731cc354b089583679a74902bb9be9bb8606b73142f4f
- SHA512
  
  2434231606079ff2404a3a25674bbfec6a7346f7c2cd2534a5224fbc055eb18af44eb7a232a79fa1e32f410161d935b66e1fbbff17c637c06186c1893e0fbbae
- SSDEEP
  
  49152:BPa6gLKJuMarhVnMFwTH8/giBiBcbk4ZxZ2DqFeVMhuxcPh:hd1XdhBiiMa7
Score

7^/10

spyware stealer
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2