46e86ba3d767d13ec9b1932799ee547c6792d4ebeb2641988b866a23503bb889 | Triage

Sharing

General

Target

46e86ba3d767d13ec9b1932799ee547c6792d4ebeb2641988b866a23503bb889
Size

2.0MB
Sample

240624-fzpddsyamg
MD5

6197f076e18565d99bfeca321f58c551
SHA1

17d81062498a3ab5620b9c4756d6fc7c5265ca88
SHA256

46e86ba3d767d13ec9b1932799ee547c6792d4ebeb2641988b866a23503bb889
SHA512

c4e2130ec0ea9a00c5c8c04131b57f7f6168eddbcb9f3c34be0e4f0b27c346f223a9fb37cf550a4369fec5492a7ef88c8b37065f9f091b0829f1dba3521a282a
SSDEEP

49152:2NEyY80FNFPy4tGmml/0947g+b9W7m6S/sbs0wQ22qPAoFmk3:cEhFvqXjbqoJQCl

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  46e86ba3d767d13ec9b1932799ee547c6792d4ebeb2641988b866a23503bb889
- Size
  
  2.0MB
- MD5
  
  6197f076e18565d99bfeca321f58c551
- SHA1
  
  17d81062498a3ab5620b9c4756d6fc7c5265ca88
- SHA256
  
  46e86ba3d767d13ec9b1932799ee547c6792d4ebeb2641988b866a23503bb889
- SHA512
  
  c4e2130ec0ea9a00c5c8c04131b57f7f6168eddbcb9f3c34be0e4f0b27c346f223a9fb37cf550a4369fec5492a7ef88c8b37065f9f091b0829f1dba3521a282a
- SSDEEP
  
  49152:2NEyY80FNFPy4tGmml/0947g+b9W7m6S/sbs0wQ22qPAoFmk3:cEhFvqXjbqoJQCl
Score

8^/10

spyware stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2