6ffaa051a29c8c68dfaab7c210613100e5724deb06a4061495adb3787d7e1923 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ffaa051a29c8c68dfaab7c210613100e5724deb06a4061495adb3787d7e1923N
Size

1.1MB
Sample

241005-23da7azfnb
MD5

4caabc8a73a5805df21dee78aa2aa550
SHA1

9ac85773b33a08758a2fa16c1c0cffc4834897ce
SHA256

6ffaa051a29c8c68dfaab7c210613100e5724deb06a4061495adb3787d7e1923
SHA512

ce394879dd66b15364b2ccb618c9c73ba71262493cdc26875e862f64edd127ff644fc06e45fc08133c11fbe6a26abb0b807a20651d6b5a0f1c8ebb2d2e2d90dc
SSDEEP

24576:0XWIDSG0qIwDE1j6tsqjnhMgeiCl7G0nehbGZpbD:0nDKKDmg27RnWGj

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  6ffaa051a29c8c68dfaab7c210613100e5724deb06a4061495adb3787d7e1923N
- Size
  
  1.1MB
- MD5
  
  4caabc8a73a5805df21dee78aa2aa550
- SHA1
  
  9ac85773b33a08758a2fa16c1c0cffc4834897ce
- SHA256
  
  6ffaa051a29c8c68dfaab7c210613100e5724deb06a4061495adb3787d7e1923
- SHA512
  
  ce394879dd66b15364b2ccb618c9c73ba71262493cdc26875e862f64edd127ff644fc06e45fc08133c11fbe6a26abb0b807a20651d6b5a0f1c8ebb2d2e2d90dc
- SSDEEP
  
  24576:0XWIDSG0qIwDE1j6tsqjnhMgeiCl7G0nehbGZpbD:0nDKKDmg27RnWGj
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2