e6902600a9a281182910743371f654a9cf988fe2c6494d7a061ace3a44f859ea | Triage

Sharing

General

Target

357b4c2ed31bd6162b28608d10e696f0N.exe
Size

2.6MB
Sample

240721-aylcfs1hmb
MD5

357b4c2ed31bd6162b28608d10e696f0
SHA1

b95b88176b716e4537ca7f5ba3a50b418e23f899
SHA256

e6902600a9a281182910743371f654a9cf988fe2c6494d7a061ace3a44f859ea
SHA512

0ca8a3e6135bc282cd692ff46060aa9308e6a81990bd9024efacb74a65c6a4402ec490821a329435c28b4350cf19a0fd78b738ca93cb11f6c12bc3d15a10b79f
SSDEEP

49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBRB/bS:sxX7QnxrloE5dpUp+b

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  357b4c2ed31bd6162b28608d10e696f0N.exe
- Size
  
  2.6MB
- MD5
  
  357b4c2ed31bd6162b28608d10e696f0
- SHA1
  
  b95b88176b716e4537ca7f5ba3a50b418e23f899
- SHA256
  
  e6902600a9a281182910743371f654a9cf988fe2c6494d7a061ace3a44f859ea
- SHA512
  
  0ca8a3e6135bc282cd692ff46060aa9308e6a81990bd9024efacb74a65c6a4402ec490821a329435c28b4350cf19a0fd78b738ca93cb11f6c12bc3d15a10b79f
- SSDEEP
  
  49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBRB/bS:sxX7QnxrloE5dpUp+b
Score

7^/10

persistence spyware stealer
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer