701897d34882239e7691fb5bd9271ea1fbc9d9f235ca81cacc844379f3f2d288 | Triage

Sharing

General

Target

701897d34882239e7691fb5bd9271ea1fbc9d9f235ca81cacc844379f3f2d288
Size

2.0MB
Sample

240624-f5mrra1grk
MD5

70b87aeb4fab17e522b76ef19b69d733
SHA1

3ea367b2f3902fe9336b7ae3d726f75941c6dd7e
SHA256

701897d34882239e7691fb5bd9271ea1fbc9d9f235ca81cacc844379f3f2d288
SHA512

a77c9864a162d2486b3d271e90e0018cd186dbeef548fad5cc9a1f285850cb100af31beb578045f18b3beaeacbad1235d099cc1f7005ae32abedc69fd4f383f9
SSDEEP

49152:5NEyY80FNFPy4tGmml/0947g+b9W7m6S/sbs0wQ22qPAoFmkH:3EhFvqXjbqoJQCd

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  701897d34882239e7691fb5bd9271ea1fbc9d9f235ca81cacc844379f3f2d288
- Size
  
  2.0MB
- MD5
  
  70b87aeb4fab17e522b76ef19b69d733
- SHA1
  
  3ea367b2f3902fe9336b7ae3d726f75941c6dd7e
- SHA256
  
  701897d34882239e7691fb5bd9271ea1fbc9d9f235ca81cacc844379f3f2d288
- SHA512
  
  a77c9864a162d2486b3d271e90e0018cd186dbeef548fad5cc9a1f285850cb100af31beb578045f18b3beaeacbad1235d099cc1f7005ae32abedc69fd4f383f9
- SSDEEP
  
  49152:5NEyY80FNFPy4tGmml/0947g+b9W7m6S/sbs0wQ22qPAoFmkH:3EhFvqXjbqoJQCd
Score

8^/10

spyware stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2