c53b524f93bfc772458bb3d17872e519e9d281ec38df764c1f241a982d1046de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c53b524f93bfc772458bb3d17872e519e9d281ec38df764c1f241a982d1046deN
Size

369KB
Sample

240919-tb9w3sxalb
MD5

b64fbc7362b68978ae5d4206e857e7f0
SHA1

ca11f7b8ab7aaf479c5580af7ce2d2c8658c12c8
SHA256

c53b524f93bfc772458bb3d17872e519e9d281ec38df764c1f241a982d1046de
SHA512

260d5d9b47f3521ee55ec316e110193265f28400e15bbf15b4387c17ed89de3a319fbc9c64cbc73be8dabf37b117d1d804dc2d5ee6a3f81088f290f66962904c
SSDEEP

6144:ztvBPnU1b7e9SQii1EkoNlhlrQ2ZrM2xDM5z51PhPHdwLFM484Lm7Sq:Zv1nWdQP1EDhZPxDM5z5vOBLS7Sq

Score

7^/10

discovery persistence spyware stealer

Malware Config

Targets

- Target
  
  c53b524f93bfc772458bb3d17872e519e9d281ec38df764c1f241a982d1046deN
- Size
  
  369KB
- MD5
  
  b64fbc7362b68978ae5d4206e857e7f0
- SHA1
  
  ca11f7b8ab7aaf479c5580af7ce2d2c8658c12c8
- SHA256
  
  c53b524f93bfc772458bb3d17872e519e9d281ec38df764c1f241a982d1046de
- SHA512
  
  260d5d9b47f3521ee55ec316e110193265f28400e15bbf15b4387c17ed89de3a319fbc9c64cbc73be8dabf37b117d1d804dc2d5ee6a3f81088f290f66962904c
- SSDEEP
  
  6144:ztvBPnU1b7e9SQii1EkoNlhlrQ2ZrM2xDM5z51PhPHdwLFM484Lm7Sq:Zv1nWdQP1EDhZPxDM5z5vOBLS7Sq
Score

7^/10

discovery persistence spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistencespywarestealer