4d73ff1e68b0dbf4d0aa169daa635eee9a4ac80637440465ab1f9cd2ba670e8e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

MM2EBYPASS.BAT
Size

64B
Sample

240726-tllx1asaqg
MD5

06a303a8aeea2c6e594901b0cdccfb35
SHA1

efdda2f7c4c77fd16915e0ed4b8873a8011ac5ba
SHA256

4d73ff1e68b0dbf4d0aa169daa635eee9a4ac80637440465ab1f9cd2ba670e8e
SHA512

b5a9865c47518e8e924b9aa3e55a9e10137fe42ed128f2c61c7cdb392a4719413ea66d3a85d1375f8b15f2764b858ee3ab2cf7eed92511eb0b392fe5c94cf7ff

Score

9^/10

credential_access discovery spyware stealer

Malware Config

Targets

- Target
  
  MM2EBYPASS.BAT
- Size
  
  64B
- MD5
  
  06a303a8aeea2c6e594901b0cdccfb35
- SHA1
  
  efdda2f7c4c77fd16915e0ed4b8873a8011ac5ba
- SHA256
  
  4d73ff1e68b0dbf4d0aa169daa635eee9a4ac80637440465ab1f9cd2ba670e8e
- SHA512
  
  b5a9865c47518e8e924b9aa3e55a9e10137fe42ed128f2c61c7cdb392a4719413ea66d3a85d1375f8b15f2764b858ee3ab2cf7eed92511eb0b392fe5c94cf7ff
Score

9^/10

credential_access discovery spyware stealer
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Credentials from Password Stores: Windows Credential Manager
  Suspicious access to Credentials History.
  credential_access stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Windows Credential Manager

Unsecured Credentials

Credentials In Files

Discovery

Browser Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

credential_accessdiscoveryspywarestealer