38dd5a1f519af09d093bb5ab2547f8a1efc8fb56ab79b918e8705a07a0000223 | Triage

Sharing

General

Target

d9ee475d4e64439b3604422a95b93f70N.exe
Size

292KB
Sample

240721-r7qrzatepf
MD5

d9ee475d4e64439b3604422a95b93f70
SHA1

bd4990be499b6f69331a4b7e15bdd47a7e7691ef
SHA256

38dd5a1f519af09d093bb5ab2547f8a1efc8fb56ab79b918e8705a07a0000223
SHA512

5d5cb01ea6a6e3a01fd3b617fe3cf100b63468d458de986f9afbba2ea1010e5d6cf3c533de1fe121c8e231920a9625b5670e18b285d508a0cf8cedaf1b0c9a2d
SSDEEP

6144:KGZTOeUjD51Wbo5pkVuAcVq3ucoyN9w5CF/N4ceZa/7bsaTplxPZs:KGFUjD51BlAbdo8war7/7bsqs

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  d9ee475d4e64439b3604422a95b93f70N.exe
- Size
  
  292KB
- MD5
  
  d9ee475d4e64439b3604422a95b93f70
- SHA1
  
  bd4990be499b6f69331a4b7e15bdd47a7e7691ef
- SHA256
  
  38dd5a1f519af09d093bb5ab2547f8a1efc8fb56ab79b918e8705a07a0000223
- SHA512
  
  5d5cb01ea6a6e3a01fd3b617fe3cf100b63468d458de986f9afbba2ea1010e5d6cf3c533de1fe121c8e231920a9625b5670e18b285d508a0cf8cedaf1b0c9a2d
- SSDEEP
  
  6144:KGZTOeUjD51Wbo5pkVuAcVq3ucoyN9w5CF/N4ceZa/7bsaTplxPZs:KGFUjD51BlAbdo8war7/7bsqs
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2