4348d5c448a95a8d3baa21992e114ba00d000591a626cd32af5ba77e32a89907 | Triage

Sharing

General

Target

4348d5c448a95a8d3baa21992e114ba00d000591a626cd32af5ba77e32a89907
Size

3.1MB
Sample

240821-1rd8nssekh
MD5

12c2115cde52bc47dfccd8cb849c96f5
SHA1

c64149d1594abe616be646965526c4653e7451e2
SHA256

4348d5c448a95a8d3baa21992e114ba00d000591a626cd32af5ba77e32a89907
SHA512

036a000bdd9699ef1b3a6327f0a07151f6ff637e46d3b05d23c7fac0b2c765dfe494f17934750b44ad01576c24cbf12e5cb05c8efa2d6d117c7437bdd3c6f750
SSDEEP

49152:TVAbwWYb12jHSVaHO3Vg3gfRv9yuqohghbpVOpmV4w1Z6nPI4gyJv:5AJY5oHhb0FqWgFQlw2w4gG

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  4348d5c448a95a8d3baa21992e114ba00d000591a626cd32af5ba77e32a89907
- Size
  
  3.1MB
- MD5
  
  12c2115cde52bc47dfccd8cb849c96f5
- SHA1
  
  c64149d1594abe616be646965526c4653e7451e2
- SHA256
  
  4348d5c448a95a8d3baa21992e114ba00d000591a626cd32af5ba77e32a89907
- SHA512
  
  036a000bdd9699ef1b3a6327f0a07151f6ff637e46d3b05d23c7fac0b2c765dfe494f17934750b44ad01576c24cbf12e5cb05c8efa2d6d117c7437bdd3c6f750
- SSDEEP
  
  49152:TVAbwWYb12jHSVaHO3Vg3gfRv9yuqohghbpVOpmV4w1Z6nPI4gyJv:5AJY5oHhb0FqWgFQlw2w4gG
Score

8^/10

discovery spyware stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryspywarestealer