a24148eda3bf4345cb5120375ce54afda973884143eecc7dfd186713b9f708fe | Triage

Sharing

General

Target

a24148eda3bf4345cb5120375ce54afda973884143eecc7dfd186713b9f708fe
Size

3.1MB
Sample

240914-aqe6gaxclj
MD5

7721667d876a9fe1a5f9bd5ee6342df1
SHA1

c84f9363a8269d588a0da33557b5cb144b4eb5e7
SHA256

a24148eda3bf4345cb5120375ce54afda973884143eecc7dfd186713b9f708fe
SHA512

c21cef79d5afe19a88b27b72f25ce5a0046295d70071c69018145d1bd29fd77ee9192fd1d7a4d594ab691418838f6e75124ae22c5e378b5396179a17cc28b62b
SSDEEP

49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBTB/bSqz8b6LNXJqI:sxX7QnxrloE5dpUpQbVz8eLFc

Score

9^/10

credential_access discovery persistence spyware stealer

Malware Config

Targets

- Target
  
  a24148eda3bf4345cb5120375ce54afda973884143eecc7dfd186713b9f708fe
- Size
  
  3.1MB
- MD5
  
  7721667d876a9fe1a5f9bd5ee6342df1
- SHA1
  
  c84f9363a8269d588a0da33557b5cb144b4eb5e7
- SHA256
  
  a24148eda3bf4345cb5120375ce54afda973884143eecc7dfd186713b9f708fe
- SHA512
  
  c21cef79d5afe19a88b27b72f25ce5a0046295d70071c69018145d1bd29fd77ee9192fd1d7a4d594ab691418838f6e75124ae22c5e378b5396179a17cc28b62b
- SSDEEP
  
  49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBTB/bSqz8b6LNXJqI:sxX7QnxrloE5dpUpQbVz8eLFc
Score

9^/10

credential_access discovery persistence spyware stealer
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscoverypersistencespywarestealer

behavioral2

credential_accessdiscoverypersistencespywarestealer