d28011e6858b1d425145a09f8ebbf21782f80aaec7bed12f909f64207b25bd6f | Triage

Sharing

General

Target

1d0533181197d75cacd31e9e61997a00N.exe
Size

282KB
Sample

240714-zs8m8swfje
MD5

1d0533181197d75cacd31e9e61997a00
SHA1

34e8b06a7f84751ffc4d25a8aa08fa7f37d17e6e
SHA256

d28011e6858b1d425145a09f8ebbf21782f80aaec7bed12f909f64207b25bd6f
SHA512

7e4d85a40489d553f8ef6165dceaa9abfc520937660cf5ec27984865b90012f2fdc8dd91968195f92912b0a2114f27d000453f73f657d7d73bd1c1fc13e29618
SSDEEP

6144:rSlMN5PabueGGGGGGGGHGGGGGGGGGGGGGGGGGGGGGGGGGGGGY/HHryU47wVmHe14:GDu/nrdXfRpNDhS01

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  1d0533181197d75cacd31e9e61997a00N.exe
- Size
  
  282KB
- MD5
  
  1d0533181197d75cacd31e9e61997a00
- SHA1
  
  34e8b06a7f84751ffc4d25a8aa08fa7f37d17e6e
- SHA256
  
  d28011e6858b1d425145a09f8ebbf21782f80aaec7bed12f909f64207b25bd6f
- SHA512
  
  7e4d85a40489d553f8ef6165dceaa9abfc520937660cf5ec27984865b90012f2fdc8dd91968195f92912b0a2114f27d000453f73f657d7d73bd1c1fc13e29618
- SSDEEP
  
  6144:rSlMN5PabueGGGGGGGGHGGGGGGGGGGGGGGGGGGGGGGGGGGGGY/HHryU47wVmHe14:GDu/nrdXfRpNDhS01
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2