536e59d926a16555843c5c0eb4dc5d858e2b573e5d4e804ba1ff1f81e7507866 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4351ac76b175114833ac92e9ee46dc9.bin
Size

71KB
Sample

240630-dqwd8sshre
MD5

a4351ac76b175114833ac92e9ee46dc9
SHA1

c1ed2701f7dd187019a6256bf22da6e8cee9bb38
SHA256

536e59d926a16555843c5c0eb4dc5d858e2b573e5d4e804ba1ff1f81e7507866
SHA512

bc46365c86132255e58246a97e179555d898fa0cc9b4fed8af40ac58530995fd601307654c90a1ba71d39a2c6416766b962379e06464e507cf31fa8f95d44963
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTv:ZRpAyazIliazTv

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  a4351ac76b175114833ac92e9ee46dc9.bin
- Size
  
  71KB
- MD5
  
  a4351ac76b175114833ac92e9ee46dc9
- SHA1
  
  c1ed2701f7dd187019a6256bf22da6e8cee9bb38
- SHA256
  
  536e59d926a16555843c5c0eb4dc5d858e2b573e5d4e804ba1ff1f81e7507866
- SHA512
  
  bc46365c86132255e58246a97e179555d898fa0cc9b4fed8af40ac58530995fd601307654c90a1ba71d39a2c6416766b962379e06464e507cf31fa8f95d44963
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTv:ZRpAyazIliazTv
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer