a3943ef02d2f437e916c54c222820e2d88c4012ba29c07d9be036a1a65a8224d | Triage

Sharing

General

Target

a3943ef02d2f437e916c54c222820e2d88c4012ba29c07d9be036a1a65a8224d
Size

994KB
Sample

241014-b9qxravhpe
MD5

0af1d39defdf0752f4f5993941607e47
SHA1

7ac76e880a3c91071483dd2dccf03782d3157409
SHA256

a3943ef02d2f437e916c54c222820e2d88c4012ba29c07d9be036a1a65a8224d
SHA512

498229fde269dc3f9c57aa1a10472f26cf1854033a5e0614640d7a96c2c6dfebabdedc2d2926b6cc25f8a42063debd6d6a8dccaf36c75fd3d85c5f8674526f81
SSDEEP

12288:vF98TJu8NR7wb+nLFQCjWID7dF98TJu8NR7wb+nLFQCjWID7M:vFmJ1R7GQLSCjtdFmJ1R7GQLSCjtM

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  a3943ef02d2f437e916c54c222820e2d88c4012ba29c07d9be036a1a65a8224d
- Size
  
  994KB
- MD5
  
  0af1d39defdf0752f4f5993941607e47
- SHA1
  
  7ac76e880a3c91071483dd2dccf03782d3157409
- SHA256
  
  a3943ef02d2f437e916c54c222820e2d88c4012ba29c07d9be036a1a65a8224d
- SHA512
  
  498229fde269dc3f9c57aa1a10472f26cf1854033a5e0614640d7a96c2c6dfebabdedc2d2926b6cc25f8a42063debd6d6a8dccaf36c75fd3d85c5f8674526f81
- SSDEEP
  
  12288:vF98TJu8NR7wb+nLFQCjWID7dF98TJu8NR7wb+nLFQCjWID7M:vFmJ1R7GQLSCjtdFmJ1R7GQLSCjtM
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer