30299c512322f826783f2da82d5ea15cb73f4d002374d7f1949040d77ef4707d | Triage

Sharing

General

Target

30299c512322f826783f2da82d5ea15cb73f4d002374d7f1949040d77ef4707d
Size

17KB
Sample

240627-3cy1mszhjn
MD5

f4355e8f7755966a32d7640b0edc568b
SHA1

429dbd1bf0953bff70cdd3294da4bed9ffa81079
SHA256

30299c512322f826783f2da82d5ea15cb73f4d002374d7f1949040d77ef4707d
SHA512

e42e4f2cd766a1b841c66b5406a2adfa8bd4d1da851cf914d2008cffa5ec5f49024db3907aa0d3d3244453f39b3e867e6af267a271de006a787bdf9cabe9b1dc
SSDEEP

384:x+uPfoQ+DfYMzKdPEsOuubuEG3KHM2/QcE:IMAQ+BzWPEwnE+KHM2/QH

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  30299c512322f826783f2da82d5ea15cb73f4d002374d7f1949040d77ef4707d
- Size
  
  17KB
- MD5
  
  f4355e8f7755966a32d7640b0edc568b
- SHA1
  
  429dbd1bf0953bff70cdd3294da4bed9ffa81079
- SHA256
  
  30299c512322f826783f2da82d5ea15cb73f4d002374d7f1949040d77ef4707d
- SHA512
  
  e42e4f2cd766a1b841c66b5406a2adfa8bd4d1da851cf914d2008cffa5ec5f49024db3907aa0d3d3244453f39b3e867e6af267a271de006a787bdf9cabe9b1dc
- SSDEEP
  
  384:x+uPfoQ+DfYMzKdPEsOuubuEG3KHM2/QcE:IMAQ+BzWPEwnE+KHM2/QH
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer