32f9ce3334ad2b37893b3ae91a7c6198ecdc813bb8d25575721562173ac8857a | Triage

Sharing

General

Target

32f9ce3334ad2b37893b3ae91a7c6198ecdc813bb8d25575721562173ac8857a
Size

3.1MB
Sample

240808-hm9vnsvbja
MD5

4e91aca73959c0a5e58ebc569a2b9258
SHA1

702f600540703b16fd1e7fb35e9900d1c058a700
SHA256

32f9ce3334ad2b37893b3ae91a7c6198ecdc813bb8d25575721562173ac8857a
SHA512

1f1bd3c78939581dd5a757662dbada764dc5022dec5a650e36c50c3f821a6eed712a4cba99efdecb9497273d360eed564793ff281381f7fe0d847418ea04b1b6
SSDEEP

49152:CNEyYYC1hqiJckG38dBFOhg5/6qF3rjb/h4CNcTCP8xphzSNtOSe+aS:YEP1y3+0hgh6u/ZcTCP8BzONaS

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  32f9ce3334ad2b37893b3ae91a7c6198ecdc813bb8d25575721562173ac8857a
- Size
  
  3.1MB
- MD5
  
  4e91aca73959c0a5e58ebc569a2b9258
- SHA1
  
  702f600540703b16fd1e7fb35e9900d1c058a700
- SHA256
  
  32f9ce3334ad2b37893b3ae91a7c6198ecdc813bb8d25575721562173ac8857a
- SHA512
  
  1f1bd3c78939581dd5a757662dbada764dc5022dec5a650e36c50c3f821a6eed712a4cba99efdecb9497273d360eed564793ff281381f7fe0d847418ea04b1b6
- SSDEEP
  
  49152:CNEyYYC1hqiJckG38dBFOhg5/6qF3rjb/h4CNcTCP8xphzSNtOSe+aS:YEP1y3+0hgh6u/ZcTCP8BzONaS
Score

8^/10

discovery spyware stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryspywarestealer