94e6b078471a557e368529577e00b60d0edb8e542d1f6567716fd7a589e48f6e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94e6b078471a557e368529577e00b60d0edb8e542d1f6567716fd7a589e48f6e
Size

2.6MB
Sample

240630-vxyxdavbrk
MD5

d64cb83f8c93b67c50f0b4af64537ea3
SHA1

78c4c6ecef59950e807dddf8d5dca2b7b1a8c550
SHA256

94e6b078471a557e368529577e00b60d0edb8e542d1f6567716fd7a589e48f6e
SHA512

847b3ecf2fd99f51a783273cb091535561db3643a57d503e5c09ca5d6a9663c26a5cdeba35ab45169171f6e70973de8dc9bf42d13c70f3b18856ac064d19eb87
SSDEEP

49152:aYmt90ZgggSm4hmbUupEzxUSmjSjhTSGIo8Y70tYF3FmWYo8Jq/wXsH6JTm1Ub:aYqyZkbZ+mSmm2t7XXqD1U

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  94e6b078471a557e368529577e00b60d0edb8e542d1f6567716fd7a589e48f6e
- Size
  
  2.6MB
- MD5
  
  d64cb83f8c93b67c50f0b4af64537ea3
- SHA1
  
  78c4c6ecef59950e807dddf8d5dca2b7b1a8c550
- SHA256
  
  94e6b078471a557e368529577e00b60d0edb8e542d1f6567716fd7a589e48f6e
- SHA512
  
  847b3ecf2fd99f51a783273cb091535561db3643a57d503e5c09ca5d6a9663c26a5cdeba35ab45169171f6e70973de8dc9bf42d13c70f3b18856ac064d19eb87
- SSDEEP
  
  49152:aYmt90ZgggSm4hmbUupEzxUSmjSjhTSGIo8Y70tYF3FmWYo8Jq/wXsH6JTm1Ub:aYqyZkbZ+mSmm2t7XXqD1U
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2