e81a8e81c7a6d2193c9deb3b6dbc774d669c77d30a0525ae19fa26a06f2fb721 | Triage

Sharing

General

Target

e81a8e81c7a6d2193c9deb3b6dbc774d669c77d30a0525ae19fa26a06f2fb721
Size

2.0MB
Sample

240624-gmvv3sscpm
MD5

e9d96cdeb68c6faf7a92ce091a7f7780
SHA1

c630438d90634be5c01fe0e36107143e25be31ff
SHA256

e81a8e81c7a6d2193c9deb3b6dbc774d669c77d30a0525ae19fa26a06f2fb721
SHA512

e66e453456a7cfec73b365d62941ae4a5d8507e77fef81e65476744f0b0d18ee384fd6b34b1bca413eef626973d515f2988276effaf6823a318daba2b1920d3a
SSDEEP

49152:3NEyY80FNFPy4tGmml/0947g+b9W7m6S/sbs0wQ22qPAoFmkU:9EhFvqXjbqoJQCK

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  e81a8e81c7a6d2193c9deb3b6dbc774d669c77d30a0525ae19fa26a06f2fb721
- Size
  
  2.0MB
- MD5
  
  e9d96cdeb68c6faf7a92ce091a7f7780
- SHA1
  
  c630438d90634be5c01fe0e36107143e25be31ff
- SHA256
  
  e81a8e81c7a6d2193c9deb3b6dbc774d669c77d30a0525ae19fa26a06f2fb721
- SHA512
  
  e66e453456a7cfec73b365d62941ae4a5d8507e77fef81e65476744f0b0d18ee384fd6b34b1bca413eef626973d515f2988276effaf6823a318daba2b1920d3a
- SSDEEP
  
  49152:3NEyY80FNFPy4tGmml/0947g+b9W7m6S/sbs0wQ22qPAoFmkU:9EhFvqXjbqoJQCK
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2