583be1d39c9b6a613fa25e864247028ef23f8556537f4e2d965cef339bb8d5b1 | Triage

Sharing

General

Target

583be1d39c9b6a613fa25e864247028ef23f8556537f4e2d965cef339bb8d5b1
Size

757KB
Sample

240825-c21yessgkh
MD5

ef3d4cf6e90e8ee0c307759dfd2d326b
SHA1

80cd914b3798944219eb361d3a1e450dedf41535
SHA256

583be1d39c9b6a613fa25e864247028ef23f8556537f4e2d965cef339bb8d5b1
SHA512

f87363ea8bc02cdb75d2bcbbe801d2e86c1c432dbc92325b4f08439f88ad253c5fe6ed8fd24d9534f530743bcce82719f26798ab8fa0a2c4a50c409d18ea471d
SSDEEP

12288:8xewA4P3TEz6SdvAnX1MqFo4WhPzuCQW3R8xL7sdz7Zi7B8oZWudrRKSvXR6Fqwf:8Q3S3TgrdYX1Hz

Score

9^/10

credential_access discovery stealer

Malware Config

Targets

- Target
  
  583be1d39c9b6a613fa25e864247028ef23f8556537f4e2d965cef339bb8d5b1
- Size
  
  757KB
- MD5
  
  ef3d4cf6e90e8ee0c307759dfd2d326b
- SHA1
  
  80cd914b3798944219eb361d3a1e450dedf41535
- SHA256
  
  583be1d39c9b6a613fa25e864247028ef23f8556537f4e2d965cef339bb8d5b1
- SHA512
  
  f87363ea8bc02cdb75d2bcbbe801d2e86c1c432dbc92325b4f08439f88ad253c5fe6ed8fd24d9534f530743bcce82719f26798ab8fa0a2c4a50c409d18ea471d
- SSDEEP
  
  12288:8xewA4P3TEz6SdvAnX1MqFo4WhPzuCQW3R8xL7sdz7Zi7B8oZWudrRKSvXR6Fqwf:8Q3S3TgrdYX1Hz
Score

9^/10

discovery credential_access stealer
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

credential_accessdiscoverystealer