0bd3c07a4590d07e6d05698a27afdf9447d54bfca58bade289d094e0bcdfd1a3 | Triage

Sharing

General

Target

0bd3c07a4590d07e6d05698a27afdf9447d54bfca58bade289d094e0bcdfd1a3
Size

2.0MB
Sample

240627-2gft7avdqb
MD5

8e6dac74d38690e5ad0c2bdb531e572f
SHA1

d08f2d4e362ea09c014f85fd991351956616e1b9
SHA256

0bd3c07a4590d07e6d05698a27afdf9447d54bfca58bade289d094e0bcdfd1a3
SHA512

bedb333c6f9a97fc51f3553cdabddeb26d43ccf3d6d30bac77951374e9aa7851e43b6322914393d47ab52c3ce416093ebbe9f66cf3153d7a76c3e6041df67c12
SSDEEP

49152:GNEyY80FNFPy4tGmml/0947g+b9W7m6S/sbs0wQ22qPAoFmkm:MEhFvqXjbqoJQCo

Score

8^/10

spyware stealer

Malware Config

Targets

- Target
  
  0bd3c07a4590d07e6d05698a27afdf9447d54bfca58bade289d094e0bcdfd1a3
- Size
  
  2.0MB
- MD5
  
  8e6dac74d38690e5ad0c2bdb531e572f
- SHA1
  
  d08f2d4e362ea09c014f85fd991351956616e1b9
- SHA256
  
  0bd3c07a4590d07e6d05698a27afdf9447d54bfca58bade289d094e0bcdfd1a3
- SHA512
  
  bedb333c6f9a97fc51f3553cdabddeb26d43ccf3d6d30bac77951374e9aa7851e43b6322914393d47ab52c3ce416093ebbe9f66cf3153d7a76c3e6041df67c12
- SSDEEP
  
  49152:GNEyY80FNFPy4tGmml/0947g+b9W7m6S/sbs0wQ22qPAoFmkm:MEhFvqXjbqoJQCo
Score

8^/10

spyware stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2