4c7f773287a5d77dbfdb2b523643b5b78c2f60c80077ea84024443630f1062fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9d885fe6fcce23b048231b5a89c74590N.exe
Size

2.6MB
Sample

240719-qlxsqawglh
MD5

9d885fe6fcce23b048231b5a89c74590
SHA1

90a3d11d0412ff222729217724f3aafa15b6fbc9
SHA256

4c7f773287a5d77dbfdb2b523643b5b78c2f60c80077ea84024443630f1062fb
SHA512

15b68c2d67863b749e7283e55b2a6df063fb116f640156b69f784cfef6d21526fc9a1615788bf04199349d8b6bb8d50cc42dd6c4c620be32a8a9abc5f40d69c1
SSDEEP

49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBhB/bS:sxX7QnxrloE5dpUp2b

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  9d885fe6fcce23b048231b5a89c74590N.exe
- Size
  
  2.6MB
- MD5
  
  9d885fe6fcce23b048231b5a89c74590
- SHA1
  
  90a3d11d0412ff222729217724f3aafa15b6fbc9
- SHA256
  
  4c7f773287a5d77dbfdb2b523643b5b78c2f60c80077ea84024443630f1062fb
- SHA512
  
  15b68c2d67863b749e7283e55b2a6df063fb116f640156b69f784cfef6d21526fc9a1615788bf04199349d8b6bb8d50cc42dd6c4c620be32a8a9abc5f40d69c1
- SSDEEP
  
  49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBhB/bS:sxX7QnxrloE5dpUp2b
Score

7^/10

persistence spyware stealer
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer