10902a80967a842db275c634e08252acea526cb8cf175a1a4a1393030d54a118 | Triage

Sharing

General

Target

10902a80967a842db275c634e08252acea526cb8cf175a1a4a1393030d54a118.exe
Size

2.6MB
Sample

241119-ssprssxmct
MD5

da233ca9db751628025cda54fa72efa3
SHA1

e7e4dbb5696b6c9139d1d7a3edac12ff6b4c715d
SHA256

10902a80967a842db275c634e08252acea526cb8cf175a1a4a1393030d54a118
SHA512

fe84ed01cf07fa83c7be8a328d06690c0e1dbe33fc3dfded3a8386534abbd5b9bc79055e7d82cb6592a70390c032d2fdb5a1b08990254afddcb2ff3fde90c332
SSDEEP

49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBDB/bSm:sxX7QnxrloE5dpUpUbH

Score

7^/10

discovery persistence spyware stealer

Malware Config

Targets

- Target
  
  10902a80967a842db275c634e08252acea526cb8cf175a1a4a1393030d54a118.exe
- Size
  
  2.6MB
- MD5
  
  da233ca9db751628025cda54fa72efa3
- SHA1
  
  e7e4dbb5696b6c9139d1d7a3edac12ff6b4c715d
- SHA256
  
  10902a80967a842db275c634e08252acea526cb8cf175a1a4a1393030d54a118
- SHA512
  
  fe84ed01cf07fa83c7be8a328d06690c0e1dbe33fc3dfded3a8386534abbd5b9bc79055e7d82cb6592a70390c032d2fdb5a1b08990254afddcb2ff3fde90c332
- SSDEEP
  
  49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBDB/bSm:sxX7QnxrloE5dpUpUbH
Score

7^/10

discovery persistence spyware stealer
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistencespywarestealer

behavioral2

discoverypersistencespywarestealer