5684b603c1f01a2112b136e278bad29501628ce5be37742b2d51f9ccdc198842 | Triage

Sharing

General

Target

5684b603c1f01a2112b136e278bad29501628ce5be37742b2d51f9ccdc198842
Size

1.2MB
Sample

240613-21xl2sthqc
MD5

59181335077926ed2561e1779d74b94c
SHA1

384767852d20af3219f963e47a2e58da8111938f
SHA256

5684b603c1f01a2112b136e278bad29501628ce5be37742b2d51f9ccdc198842
SHA512

e4b794005795d777a7a0eb81292d79ff46250f2fe4be1abe7c71a89aa51801ddfc4d20a76e688b98963bfdcdba8c21c0af4d9f35894a65751ae04a279cd77ad1
SSDEEP

24576:fUOCppTdeanEMfjgsiWz7jPLlA1irglmxMGowHg0OAhd:xipT7EM0pWXTO16irw3OA7

Score

7^/10

discovery evasion spyware stealer trojan

Malware Config

Targets

- Target
  
  5684b603c1f01a2112b136e278bad29501628ce5be37742b2d51f9ccdc198842
- Size
  
  1.2MB
- MD5
  
  59181335077926ed2561e1779d74b94c
- SHA1
  
  384767852d20af3219f963e47a2e58da8111938f
- SHA256
  
  5684b603c1f01a2112b136e278bad29501628ce5be37742b2d51f9ccdc198842
- SHA512
  
  e4b794005795d777a7a0eb81292d79ff46250f2fe4be1abe7c71a89aa51801ddfc4d20a76e688b98963bfdcdba8c21c0af4d9f35894a65751ae04a279cd77ad1
- SSDEEP
  
  24576:fUOCppTdeanEMfjgsiWz7jPLlA1irglmxMGowHg0OAhd:xipT7EM0pWXTO16irw3OA7
Score

7^/10

discovery evasion spyware stealer trojan
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionspywarestealertrojan

behavioral2

discoveryevasionspywarestealertrojan