23b5d17b9605ed38f36b26c0a66587b7849ee23a6ad0a6411f999ac908645647 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23b5d17b9605ed38f36b26c0a66587b7849ee23a6ad0a6411f999ac908645647
Size

310KB
Sample

240707-ykmv5axdkl
MD5

c8d3be14657540c9486234c16507fe3c
SHA1

fefce06032ca5df4352d5305dd302789f3f6f47b
SHA256

23b5d17b9605ed38f36b26c0a66587b7849ee23a6ad0a6411f999ac908645647
SHA512

b72fc30cb6e25e643b6539ff60e8017c9d9a220927da4956d0c07ab904b4e73e141d3f1b1f130d0877c68fa25e238a6783f1c44895338a2c1202e0b873b480f0
SSDEEP

6144:8jkAq5PabueGGGGGGGGHGGGGGGGGGGGGGGGGGGGGGGGGGGGGYeibjoOCmZ72uUm5:iXueiY7mhb069m3RAwewTQF5

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  23b5d17b9605ed38f36b26c0a66587b7849ee23a6ad0a6411f999ac908645647
- Size
  
  310KB
- MD5
  
  c8d3be14657540c9486234c16507fe3c
- SHA1
  
  fefce06032ca5df4352d5305dd302789f3f6f47b
- SHA256
  
  23b5d17b9605ed38f36b26c0a66587b7849ee23a6ad0a6411f999ac908645647
- SHA512
  
  b72fc30cb6e25e643b6539ff60e8017c9d9a220927da4956d0c07ab904b4e73e141d3f1b1f130d0877c68fa25e238a6783f1c44895338a2c1202e0b873b480f0
- SSDEEP
  
  6144:8jkAq5PabueGGGGGGGGHGGGGGGGGGGGGGGGGGGGGGGGGGGGGYeibjoOCmZ72uUm5:iXueiY7mhb069m3RAwewTQF5
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2