c46038270272da461675c827baabb96c119f15b53c866ef8d7cbaa2582da4873 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4k_cheat-main.zip
Size

1.6MB
Sample

241004-2hskdazerj
MD5

fc5a8033e58d773093136cde2ab944e5
SHA1

b4f6d87e44f10a1e323a4219352f0395969fd73f
SHA256

c46038270272da461675c827baabb96c119f15b53c866ef8d7cbaa2582da4873
SHA512

d068aebf88c35fa0a788425f4824058546b020dffd81272e3eac7da72c3036a832fefaeff60cbdfff39e689ab35eef6e532aefa4734d027e62c6f27340636bc6
SSDEEP

24576:wtUQ/ru/aHRWU88poTt35t0NGkD0l0+5TY1W8yyomaYpEyxnbIfLAebeGQXw:EP/z4sohMNGBOVW8yy24xbBebPQg

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  Solara_Installer 3.0.2.exe.exe
- Size
  
  2.2MB
- MD5
  
  3ef90d8e258f1e3e40b558fa87764101
- SHA1
  
  5555481a8c837753128649c1d835535f9dbc8f7c
- SHA256
  
  9c246bce209eee1686034f9962409649b24e23cb8f2333921d39754837696e32
- SHA512
  
  3de19f5571338fcae969f2293fa1e765818606a1a482665e61fc47d3a3c9d070425c8d0e4c2842b35ee07047ab9bd719af3dbb6c3e2e6eb831e81be45c45f4f7
- SSDEEP
  
  49152:qBIwwRDNu+mprsU0EgxcYHK2SvjdfU6eNw12:MI7RD8rVqxSJUS2
Score

7^/10

discovery spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer