78ec8a8469dfb480c0a51c3ce2a122342ddf97403007f8e1a9d7b4acedb5849c | Triage

Sharing

General

Target

78ec8a8469dfb480c0a51c3ce2a122342ddf97403007f8e1a9d7b4acedb5849c
Size

512KB
Sample

240725-vdhfaasdkr
MD5

008b3ec9907d9a77af4184c4bdd21363
SHA1

4eb6cbda2f445ebab6b5e17d24aaf9410f8f0fe2
SHA256

78ec8a8469dfb480c0a51c3ce2a122342ddf97403007f8e1a9d7b4acedb5849c
SHA512

3a1fd9720e2650a0863cfb1be53815224fbae4654469fa13fbd2a7cefa9ae34e9e8527086c0f667a3c711306e48e00f171b965538603454eb8050ebf3170f2b4
SSDEEP

6144:xj9irKZ3HIwK3EsjcNVh4FwGrOg5YnOj/9XTj8Tu6eezwJ:xjErKZ3H1GE86Vh4FwF0O6XcTus

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  78ec8a8469dfb480c0a51c3ce2a122342ddf97403007f8e1a9d7b4acedb5849c
- Size
  
  512KB
- MD5
  
  008b3ec9907d9a77af4184c4bdd21363
- SHA1
  
  4eb6cbda2f445ebab6b5e17d24aaf9410f8f0fe2
- SHA256
  
  78ec8a8469dfb480c0a51c3ce2a122342ddf97403007f8e1a9d7b4acedb5849c
- SHA512
  
  3a1fd9720e2650a0863cfb1be53815224fbae4654469fa13fbd2a7cefa9ae34e9e8527086c0f667a3c711306e48e00f171b965538603454eb8050ebf3170f2b4
- SSDEEP
  
  6144:xj9irKZ3HIwK3EsjcNVh4FwGrOg5YnOj/9XTj8Tu6eezwJ:xjErKZ3H1GE86Vh4FwF0O6XcTus
Score

7^/10

discovery spyware stealer
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2