800136d6a0b36ba5e48f555acc181c6c89ee8f878d87afb50f14897147ae85fd | Triage

Sharing

General

Target

800136d6a0b36ba5e48f555acc181c6c89ee8f878d87afb50f14897147ae85fd
Size

5.1MB
Sample

240816-3k229sxfnm
MD5

576fc72da3a7b74b18a6268936a7e9e7
SHA1

f457e955f47219bfcde70d31db8797be3611d782
SHA256

800136d6a0b36ba5e48f555acc181c6c89ee8f878d87afb50f14897147ae85fd
SHA512

f3cd3ea55e2c7888185a6e7217dab86cd828f96068bf9ed8dcf9a0bc7c53e41a4682ec04ed60e4d10c1f6e016e9de0905e38bc3f7399a4f510bddf4d0e510506
SSDEEP

98304:l0NFQ16666666666666666666666666666666x666666666666666fwwwwwwwwwk:JZ6/UCWpVJjQzvrs3ZfIB4Uf7ivDqqZP

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  800136d6a0b36ba5e48f555acc181c6c89ee8f878d87afb50f14897147ae85fd
- Size
  
  5.1MB
- MD5
  
  576fc72da3a7b74b18a6268936a7e9e7
- SHA1
  
  f457e955f47219bfcde70d31db8797be3611d782
- SHA256
  
  800136d6a0b36ba5e48f555acc181c6c89ee8f878d87afb50f14897147ae85fd
- SHA512
  
  f3cd3ea55e2c7888185a6e7217dab86cd828f96068bf9ed8dcf9a0bc7c53e41a4682ec04ed60e4d10c1f6e016e9de0905e38bc3f7399a4f510bddf4d0e510506
- SSDEEP
  
  98304:l0NFQ16666666666666666666666666666666x666666666666666fwwwwwwwwwk:JZ6/UCWpVJjQzvrs3ZfIB4Uf7ivDqqZP
Score

8^/10

discovery spyware stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer