98ebfcb7a5c39d418392845313e4a873b8f4d353a04dbd53ad1e6f95fa752159 | Triage

Sharing

General

Target

98ebfcb7a5c39d418392845313e4a873b8f4d353a04dbd53ad1e6f95fa752159
Size

2.0MB
Sample

240624-ga6rtaycqc
MD5

828524379a641f71b1b22c0e6cef5b96
SHA1

8e2f918bb369e8b79cc22bc6e21de71974b9289f
SHA256

98ebfcb7a5c39d418392845313e4a873b8f4d353a04dbd53ad1e6f95fa752159
SHA512

eaaffdfb2d14c3e53a10375ecde5642bed723f7a9b41acc3201fb29eef1ff7f81662f98b85643ba9b88db5348d315621621f366a02c3584ec401010be2616eb2
SSDEEP

49152:2NEyY80FNFPy4tGmml/0947g+b9W7m6S/sbs0wQ22qPAoFmkA:cEhFvqXjbqoJQC+

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  98ebfcb7a5c39d418392845313e4a873b8f4d353a04dbd53ad1e6f95fa752159
- Size
  
  2.0MB
- MD5
  
  828524379a641f71b1b22c0e6cef5b96
- SHA1
  
  8e2f918bb369e8b79cc22bc6e21de71974b9289f
- SHA256
  
  98ebfcb7a5c39d418392845313e4a873b8f4d353a04dbd53ad1e6f95fa752159
- SHA512
  
  eaaffdfb2d14c3e53a10375ecde5642bed723f7a9b41acc3201fb29eef1ff7f81662f98b85643ba9b88db5348d315621621f366a02c3584ec401010be2616eb2
- SSDEEP
  
  49152:2NEyY80FNFPy4tGmml/0947g+b9W7m6S/sbs0wQ22qPAoFmkA:cEhFvqXjbqoJQC+
Score

8^/10

spyware stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2