52d6256ea13e20d63c6a2888cdcd814d129f84be60e62bd5036fad9e5fb52e1d | Triage

Sharing

General

Target

use_2024_tо_оpen.zip
Size

20.5MB
Sample

240615-s24mbawaqg
MD5

76817b10698222d6fdfecc2c3f982f03
SHA1

6d5304e8432049a295eb843c0bb5ef1124f39a2f
SHA256

52d6256ea13e20d63c6a2888cdcd814d129f84be60e62bd5036fad9e5fb52e1d
SHA512

e183a002bc95f894685672488d02b2d6d304c22e01982a6061aac754b891ff670d2ee6d4c79266f67c2485d0e5b20c87a3eb4159ec4fa59df91cc3e94893323f
SSDEEP

393216:AfjuMjZNcx0my+Pf4AyL2RCbtcfy4pntrFQND/iA0uLxmvY9bDmExMGx6:HOXcxI+PZyishcT3+9i7Y5DGc6

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  use_2024_t?_?pen/S?tup.exe
- Size
  
  327.1MB
- MD5
  
  662cce215db27d1c1bca06e9e7ea8d0f
- SHA1
  
  f751d3f0f0fafc1c4f09b3465c77df7a1922842a
- SHA256
  
  7ef4e4b5f0ef3c0021916a420f17b15fc07bd13bf35aeb02fa67e02b27386f2c
- SHA512
  
  75ad75851d52f93d558667a2c460850689029c15aeea8376fc0972c2f1a1454480b2de5a146acc11d97b51bb9ebb5ada578355db59e2077b780e868566586417
- SSDEEP
  
  98304:tcs+ypj77unDC30radxzHy6qWeqXKLLOCl9SPEY47IJf0b3:WtA37u2XdxzHy9W4LLHcEY4U+7
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

behavioral3

discoveryspywarestealer