637bd4ff0d6480af5586a0b8eac52cdb618627f7ed02e87d2950e090d48203ad | Triage

Resubmissions

10-06-2024 18:46

240610-xezgaswekc 8

10-06-2024 18:29

240610-w46q8swbqg 8

Sharing

General

Target

637bd4ff0d6480af5586a0b8eac52cdb618627f7ed02e87d2950e090d48203ad
Size

33KB
Sample

240610-w46q8swbqg
MD5

00a382a3d6bca076ca3db1809b87a802
SHA1

1d338f8174114c30ca71066b4b5773ede3099cbd
SHA256

637bd4ff0d6480af5586a0b8eac52cdb618627f7ed02e87d2950e090d48203ad
SHA512

5e34f0b6320cd824cd476118946f85e03baf076f06ab627e6e14aae828da7a21d894f9a82c381e286992afbaf5e23af94bb69bef8b84616a86363ad45f2488ea
SSDEEP

768:JUMUElOIEvzMXqtwp/lDTJg/MFksCRsd2u9C9MFWoVaZel:JKaYzMXqtGN/CstC9qVF

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  637bd4ff0d6480af5586a0b8eac52cdb618627f7ed02e87d2950e090d48203ad
- Size
  
  33KB
- MD5
  
  00a382a3d6bca076ca3db1809b87a802
- SHA1
  
  1d338f8174114c30ca71066b4b5773ede3099cbd
- SHA256
  
  637bd4ff0d6480af5586a0b8eac52cdb618627f7ed02e87d2950e090d48203ad
- SHA512
  
  5e34f0b6320cd824cd476118946f85e03baf076f06ab627e6e14aae828da7a21d894f9a82c381e286992afbaf5e23af94bb69bef8b84616a86363ad45f2488ea
- SSDEEP
  
  768:JUMUElOIEvzMXqtwp/lDTJg/MFksCRsd2u9C9MFWoVaZel:JKaYzMXqtGN/CstC9qVF
Score

8^/10

spyware stealer
- Drops file in Drivers directory
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2