40c48576c06d6895987eaf11ea8ab160fd4e566bf78ed8ff24add818d537ac0c | Triage

Sharing

General

Target

40c48576c06d6895987eaf11ea8ab160fd4e566bf78ed8ff24add818d537ac0cN.exe
Size

8.5MB
Sample

241119-wtzj6szbje
MD5

6508c9a1f0c9ce92cb5c81c39db54b00
SHA1

556cbf8b97455ba02b922fe79ebc8e01352e6915
SHA256

40c48576c06d6895987eaf11ea8ab160fd4e566bf78ed8ff24add818d537ac0c
SHA512

acb9469e64e304d24b5ffef5ed5516e273b0678f0964ef0eeb3cb7cd95a87e9acb5cd3556aedee62723208f695edf64d98e39effeb82d92259c57420d9936715
SSDEEP

98304:nSLb0Gr+t2z3jvi2SwjE1DKVIOugLED5ACOREG81Ql4e5r6f06uQ3Gv:SsT2zzq9D1o7ED59OREG81y54dt8

Score

8^/10

credential_access spyware stealer

Malware Config

Targets

- Target
  
  40c48576c06d6895987eaf11ea8ab160fd4e566bf78ed8ff24add818d537ac0cN.exe
- Size
  
  8.5MB
- MD5
  
  6508c9a1f0c9ce92cb5c81c39db54b00
- SHA1
  
  556cbf8b97455ba02b922fe79ebc8e01352e6915
- SHA256
  
  40c48576c06d6895987eaf11ea8ab160fd4e566bf78ed8ff24add818d537ac0c
- SHA512
  
  acb9469e64e304d24b5ffef5ed5516e273b0678f0964ef0eeb3cb7cd95a87e9acb5cd3556aedee62723208f695edf64d98e39effeb82d92259c57420d9936715
- SSDEEP
  
  98304:nSLb0Gr+t2z3jvi2SwjE1DKVIOugLED5ACOREG81Ql4e5r6f06uQ3Gv:SsT2zzq9D1o7ED59OREG81y54dt8
Score

8^/10

credential_access spyware stealer
- Uses browser remote debugging
  Can be used control the browser and steal sensitive information such as credentials and session cookies.
  credential_access stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Modify Authentication Process

Privilege Escalation

Defense Evasion

Modify Authentication Process

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Modify Authentication Process

Steal Web Session Cookie

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

credential_accessspywarestealer