8a51e546c8cd44760268bae706247a39c7e96bdd9a96723aa5ac68c43aa129ce | Triage

Sharing

General

Target

8a51e546c8cd44760268bae706247a39c7e96bdd9a96723aa5ac68c43aa129ceN
Size

899KB
Sample

240919-hmvqrawdqj
MD5

002574290c2a37bb51f65b460f5d10e0
SHA1

36a6549ca503107e6f4dcb5b0c66671a34e3cc0a
SHA256

8a51e546c8cd44760268bae706247a39c7e96bdd9a96723aa5ac68c43aa129ce
SHA512

22116226e1ddc0dbed32c6c7fd4e38c0a1f62077ccb77ae246314e4259317bae62c10615f58daf6c02c412bdfcbbb58be9e585ecd9c6ffd97677cefd8aff77f8
SSDEEP

12288:GjYRm7QOUFxrieZfSQOL7w9pBCf75PalFJfiPpjZc5RsLzVjy3Z8hd8MGV0X0pSz:G0jFFwek7UdCKDmNc5K5/hd85rc+iL1

Score

7^/10

discovery persistence spyware stealer

Malware Config

Targets

- Target
  
  8a51e546c8cd44760268bae706247a39c7e96bdd9a96723aa5ac68c43aa129ceN
- Size
  
  899KB
- MD5
  
  002574290c2a37bb51f65b460f5d10e0
- SHA1
  
  36a6549ca503107e6f4dcb5b0c66671a34e3cc0a
- SHA256
  
  8a51e546c8cd44760268bae706247a39c7e96bdd9a96723aa5ac68c43aa129ce
- SHA512
  
  22116226e1ddc0dbed32c6c7fd4e38c0a1f62077ccb77ae246314e4259317bae62c10615f58daf6c02c412bdfcbbb58be9e585ecd9c6ffd97677cefd8aff77f8
- SSDEEP
  
  12288:GjYRm7QOUFxrieZfSQOL7w9pBCf75PalFJfiPpjZc5RsLzVjy3Z8hd8MGV0X0pSz:G0jFFwek7UdCKDmNc5K5/hd85rc+iL1
Score

7^/10

discovery persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistencespywarestealer

behavioral2

discoverypersistencespywarestealer