6ccbc3d109b9353672e5c70e0bdd85774132e308a21b5a0c1c46f94f0bcf0bf3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ccbc3d109b9353672e5c70e0bdd85774132e308a21b5a0c1c46f94f0bcf0bf3
Size

5.7MB
Sample

240823-3ln7ssvhrj
MD5

421406a3899b76cf9327249953fd7f6c
SHA1

a6de38ed62c06048fa3aa602fa041d74f47734b7
SHA256

6ccbc3d109b9353672e5c70e0bdd85774132e308a21b5a0c1c46f94f0bcf0bf3
SHA512

444a7e027597d5a58bd121b8a71bc8f21bdb59c490e9fff9e274a661e16b6a7c0992eb231bece4261c6107178d893179779e40cef9f9118c09750032aaf3cbfb
SSDEEP

98304:C0NFb6666666666666666666666666666666x666666666666666fwwwwwwwwwwT:qRsBd3K2OoT7tafGFxSiEmFgFP8gzQI3

Score

8^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  6ccbc3d109b9353672e5c70e0bdd85774132e308a21b5a0c1c46f94f0bcf0bf3
- Size
  
  5.7MB
- MD5
  
  421406a3899b76cf9327249953fd7f6c
- SHA1
  
  a6de38ed62c06048fa3aa602fa041d74f47734b7
- SHA256
  
  6ccbc3d109b9353672e5c70e0bdd85774132e308a21b5a0c1c46f94f0bcf0bf3
- SHA512
  
  444a7e027597d5a58bd121b8a71bc8f21bdb59c490e9fff9e274a661e16b6a7c0992eb231bece4261c6107178d893179779e40cef9f9118c09750032aaf3cbfb
- SSDEEP
  
  98304:C0NFb6666666666666666666666666666666x666666666666666fwwwwwwwwwwT:qRsBd3K2OoT7tafGFxSiEmFgFP8gzQI3
Score

8^/10

discovery spyware stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer