a2574896ec1f3cadb73dd9ecfb4d42ccf8540c32e0311477086fa86f071279db | Triage

Sharing

General

Target

a2574896ec1f3cadb73dd9ecfb4d42ccf8540c32e0311477086fa86f071279db
Size

5.1MB
Sample

240813-1tel8ayalb
MD5

bd3dc9992e261d483d5df431e275a8ce
SHA1

e8e69e4254dba5a28a4a9da9e0bb0bceb3932f5f
SHA256

a2574896ec1f3cadb73dd9ecfb4d42ccf8540c32e0311477086fa86f071279db
SHA512

8e868457384beef27ca7af1191d5f4df0091ef509a2c3bf483514059b874028846a00e6ddd20f1cc3b42efcb1cca875f7eed93a5495c8f528a94e3ce5ca15639
SSDEEP

98304:f0NFG6666666666666666666666666666666x666666666666666fwwwwwwwwwwT:AIOT2I5mTtpbvphIGZeXMxOjGe809wZV

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  a2574896ec1f3cadb73dd9ecfb4d42ccf8540c32e0311477086fa86f071279db
- Size
  
  5.1MB
- MD5
  
  bd3dc9992e261d483d5df431e275a8ce
- SHA1
  
  e8e69e4254dba5a28a4a9da9e0bb0bceb3932f5f
- SHA256
  
  a2574896ec1f3cadb73dd9ecfb4d42ccf8540c32e0311477086fa86f071279db
- SHA512
  
  8e868457384beef27ca7af1191d5f4df0091ef509a2c3bf483514059b874028846a00e6ddd20f1cc3b42efcb1cca875f7eed93a5495c8f528a94e3ce5ca15639
- SSDEEP
  
  98304:f0NFG6666666666666666666666666666666x666666666666666fwwwwwwwwwwT:AIOT2I5mTtpbvphIGZeXMxOjGe809wZV
Score

8^/10

discovery spyware stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer