6649f06cb39d783cb1f703c510904d552103d178212405ac962a036e87877881 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

6649f06cb3...81.exe

windows7-x64

7

6649f06cb3...81.exe

windows10-2004-x64

7

Sharing

General

Target

6649f06cb39d783cb1f703c510904d552103d178212405ac962a036e87877881
Size

1.8MB
Sample

240720-xkvqaswapg
MD5

9f7a6d8b430718b71b4b0ae96127fd64
SHA1

87bb754b6fce4bc12512ebe471de1dded709d1ad
SHA256

6649f06cb39d783cb1f703c510904d552103d178212405ac962a036e87877881
SHA512

cae2a3445bbefc51dccda4c0348d0700450b799b2f405f87598b3e06ac0438d89602ce49a8a4b8a061186ea1a4185ff7a075576a4c95262a867f760aaa8a1998
SSDEEP

49152:ox5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAiaB0zj0yjoB2:ovbjVkjjCAzJIB2Yyjl

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6649f06cb39d783cb1f703c510904d552103d178212405ac962a036e87877881.exe

Resource

win7-20240704-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

6649f06cb39d783cb1f703c510904d552103d178212405ac962a036e87877881.exe

Resource

win10v2004-20240709-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  6649f06cb39d783cb1f703c510904d552103d178212405ac962a036e87877881
- Size
  
  1.8MB
- MD5
  
  9f7a6d8b430718b71b4b0ae96127fd64
- SHA1
  
  87bb754b6fce4bc12512ebe471de1dded709d1ad
- SHA256
  
  6649f06cb39d783cb1f703c510904d552103d178212405ac962a036e87877881
- SHA512
  
  cae2a3445bbefc51dccda4c0348d0700450b799b2f405f87598b3e06ac0438d89602ce49a8a4b8a061186ea1a4185ff7a075576a4c95262a867f760aaa8a1998
- SSDEEP
  
  49152:ox5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAiaB0zj0yjoB2:ovbjVkjjCAzJIB2Yyjl
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy