347fcbf60548370ef37d2234eb2a7f461e142a8535ad822f5750a3d60c459929 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06baffc97652e30b1a54f7c82c29c080N.exe
Size

488KB
Sample

240711-zdg7qsvgpe
MD5

06baffc97652e30b1a54f7c82c29c080
SHA1

89a60bb328dbe4d8a7dfcf029dcd5fc5be4d9428
SHA256

347fcbf60548370ef37d2234eb2a7f461e142a8535ad822f5750a3d60c459929
SHA512

fbbdf47d3bbf1442e0648f56bcf6fe8c71aa58817ca93df9b744b295cb2919544aef5b3520dd8fc8e4801ee1927f81720e1ced747153791aa876ba536a9d3863
SSDEEP

6144:kZDVBH5rmPdmBjlummcLVascAHsFeU8U5nylUrJNRoxlcY/4ddkJz7Nzlaslgq:0TrmPdOhummUVacHs9x5MaDkJFlawgq

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  06baffc97652e30b1a54f7c82c29c080N.exe
- Size
  
  488KB
- MD5
  
  06baffc97652e30b1a54f7c82c29c080
- SHA1
  
  89a60bb328dbe4d8a7dfcf029dcd5fc5be4d9428
- SHA256
  
  347fcbf60548370ef37d2234eb2a7f461e142a8535ad822f5750a3d60c459929
- SHA512
  
  fbbdf47d3bbf1442e0648f56bcf6fe8c71aa58817ca93df9b744b295cb2919544aef5b3520dd8fc8e4801ee1927f81720e1ced747153791aa876ba536a9d3863
- SSDEEP
  
  6144:kZDVBH5rmPdmBjlummcLVascAHsFeU8U5nylUrJNRoxlcY/4ddkJz7Nzlaslgq:0TrmPdOhummUVacHs9x5MaDkJFlawgq
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2