fe7ac3bd22cc3d22e1e969a17d5f7757a690967e3edc2c95a7828eafb2186c52 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebcbd852382767a8a94c8dba860c8a40N.exe
Size

663KB
Sample

240814-kx2yxsyckq
MD5

ebcbd852382767a8a94c8dba860c8a40
SHA1

c4e90bfda31acbcc054f0565eee1423356aa9f91
SHA256

fe7ac3bd22cc3d22e1e969a17d5f7757a690967e3edc2c95a7828eafb2186c52
SHA512

0c08ba956ef3eba5b5e32f8b483f34909e5deb7d3e8e9aa55833e7b9dd3046dbab8c5d3bf628cbc59596381d70800cb033b39bd5fe1534995b8712b4856ada46
SSDEEP

12288:5oZdrFW11pUd/Gt/sB1KcYmqgZvAMlUoUjG+YKtMfnkOeZb5JYiNAgAPh:5Gdy1nt/sBlDqgZQd6XKtiMJYiPU

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  ebcbd852382767a8a94c8dba860c8a40N.exe
- Size
  
  663KB
- MD5
  
  ebcbd852382767a8a94c8dba860c8a40
- SHA1
  
  c4e90bfda31acbcc054f0565eee1423356aa9f91
- SHA256
  
  fe7ac3bd22cc3d22e1e969a17d5f7757a690967e3edc2c95a7828eafb2186c52
- SHA512
  
  0c08ba956ef3eba5b5e32f8b483f34909e5deb7d3e8e9aa55833e7b9dd3046dbab8c5d3bf628cbc59596381d70800cb033b39bd5fe1534995b8712b4856ada46
- SSDEEP
  
  12288:5oZdrFW11pUd/Gt/sB1KcYmqgZvAMlUoUjG+YKtMfnkOeZb5JYiNAgAPh:5Gdy1nt/sBlDqgZQd6XKtiMJYiPU
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryspywarestealer