87ca00e040a520b054e1fa1244816250c04a6e8e3fc784275481fe4a3c34d385 | Triage

Sharing

General

Target

WindowsFormsApp1.exe
Size

934KB
Sample

240823-lacwyswbrg
MD5

eb0d85ec71b58bd1a78e8b1e13ca065a
SHA1

2bcde74520441cf507b6283816169e49120c80c2
SHA256

87ca00e040a520b054e1fa1244816250c04a6e8e3fc784275481fe4a3c34d385
SHA512

0aae668a60ffb9c43961126eddbc88e08308bb40ce2ee4689b8f65039f86c1b651fac9a8b5418967bb405386abb0dc55433291860836c90a486edf94be457cdb
SSDEEP

24576:RcBkcBiBaMvp0LWHP79uVtgVZkBaMvp0LWHP79uVtgVZ:SBZBaa2hHz9uVaga2hHz9uVa

Score

7^/10

credential_access discovery spyware stealer

Malware Config

Targets

- Target
  
  WindowsFormsApp1.exe
- Size
  
  934KB
- MD5
  
  eb0d85ec71b58bd1a78e8b1e13ca065a
- SHA1
  
  2bcde74520441cf507b6283816169e49120c80c2
- SHA256
  
  87ca00e040a520b054e1fa1244816250c04a6e8e3fc784275481fe4a3c34d385
- SHA512
  
  0aae668a60ffb9c43961126eddbc88e08308bb40ce2ee4689b8f65039f86c1b651fac9a8b5418967bb405386abb0dc55433291860836c90a486edf94be457cdb
- SSDEEP
  
  24576:RcBkcBiBaMvp0LWHP79uVtgVZkBaMvp0LWHP79uVtgVZ:SBZBaa2hHz9uVaga2hHz9uVa
Score

7^/10

credential_access discovery spyware stealer
- Credentials from Password Stores: Windows Credential Manager
  Suspicious access to Credentials History.
  credential_access stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Windows Credential Manager

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscoveryspywarestealer