1d7d5f028dd37565db953212f5ea75436d9e190bc070132b2cdcceedd76606bd | Triage

Sharing

General

Target

CleanSweep2.zip
Size

25.8MB
Sample

240901-vkktzsxcld
MD5

fcf08365c65c07448c2e5dabe76766a3
SHA1

741f8201750528529c398bba65a599c3af2e819e
SHA256

1d7d5f028dd37565db953212f5ea75436d9e190bc070132b2cdcceedd76606bd
SHA512

59d63aff7c94eea4a4fb3d22c54f21598124eb50a17fe2d55b57e44d65319c7d1db381dc2128fd5e678bfdcb5eeac541eb359220af4659d95fb677cdab592050
SSDEEP

786432:vAb/FPfuqEf4uL6OZHgVTYZIwt6rFR8zCdUV5jMYGX:K/FOKXTEV6P8zCdU71G

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  CleanSweep2_CLI/CleanSweep2_CLI.exe
- Size
  
  57.2MB
- MD5
  
  184ce67f8db8013ef612d27fbff67857
- SHA1
  
  22952e1ffc80ae7883dd7938c2aa71549a2b8001
- SHA256
  
  dfa820614635c610f278a76c52f155b6fa39220f0ec571948501c51c1d872159
- SHA512
  
  8d6fa1f3627ac3f0c0e86cc28c9788fa95a91f1310294f64073758db8345243d9bbd7fb899af06d750841c55a663534c8e5563a1cad9da875e0123d6b1b330ae
- SSDEEP
  
  786432:kHBRPj9yxBcIfXHj3J+lFWeTS0SazRBx22Y9Emxq:uRP23P0xzcEmE
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2
- Target
  
  CleanSweep2_GUI/CleanSweep2.exe
- Size
  
  155KB
- MD5
  
  0eb90eef26ff46b5aee3451b5b7632da
- SHA1
  
  46380d32a0d8fff538b1c96707399afabb48246c
- SHA256
  
  727f8779b00bc246daa40156b9ca222c302eefc6c9eb7b26deaa466a82bfed92
- SHA512
  
  40af99055fc34969a90203f23962f466d8c42cf682c9ce555cda3764d50ae1ded75a95c06bf2a10aa225ab5e1da3dd971615f9e7b194763cda7b2de5bbb635cf
- SSDEEP
  
  3072:LEwcb50nOAq65hEHGVemcb5xbzxzV5Ee+rRhmY1ST01WXYZrqJIvuDLabg1mLjMO:LcbQOj2emcb5xbztV5Ee+tU15NDNnNwU
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral3 behavioral4
- Target
  
  CleanSweep2_GUI/Octokit.dll
- Size
  
  1006KB
- MD5
  
  050ef11676c32e6f285f86eecf683afd
- SHA1
  
  d9037d7f716ab8c101a881617bb8f7f1c2c5da09
- SHA256
  
  69b3dff39c6e7fefeea9b5c250e201e1345a8ead742f9e15e44e7526f5ed7bde
- SHA512
  
  40a98ccb7a2a29cdd0f7a6457acad6f884c8eb526e8c19ff1026eb8be4635b1853090216e86e341b61a25182f50ef8ae11c72df5236ff2b3caa42834b590aa9d
- SSDEEP
  
  12288:Sqp2GkscVOlkQT7eGI5U4JTaT5G02xQxuOEQT7eGI5U4tTdG0RQxXOFG5KXPe6Wj:zp2GksWOlW/e6WDo3cS5wVRRFHV8Kpm
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer

behavioral3

behavioral4

behavioral5

behavioral6