77198028aa9ae20904882c4ded43d5efe7588a8f5f1a90a83cd0e8af41e9a802 | Triage

Sharing

General

Target

77198028aa9ae20904882c4ded43d5efe7588a8f5f1a90a83cd0e8af41e9a802N.exe
Size

1.3MB
Sample

241119-xr3dqazpas
MD5

11630c91bda711d69c0b1c80527d58c0
SHA1

9c599ff3114b84640276eaf25d1d321baec46c47
SHA256

77198028aa9ae20904882c4ded43d5efe7588a8f5f1a90a83cd0e8af41e9a802
SHA512

203e5aa9a2626e31c08bb151374ad5c2221eab381c73a967cb7a2f9010689de4d130ebf1da37ce36d992c664c64f6c8e1565628303233399284b98e25be9329c
SSDEEP

24576:ONiCgn16ZTlhtctmeP2kdk+V8q3vi0m+dn5hkoOWuXJE:ONcnUZphtcgePN++pPkx5

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  77198028aa9ae20904882c4ded43d5efe7588a8f5f1a90a83cd0e8af41e9a802N.exe
- Size
  
  1.3MB
- MD5
  
  11630c91bda711d69c0b1c80527d58c0
- SHA1
  
  9c599ff3114b84640276eaf25d1d321baec46c47
- SHA256
  
  77198028aa9ae20904882c4ded43d5efe7588a8f5f1a90a83cd0e8af41e9a802
- SHA512
  
  203e5aa9a2626e31c08bb151374ad5c2221eab381c73a967cb7a2f9010689de4d130ebf1da37ce36d992c664c64f6c8e1565628303233399284b98e25be9329c
- SSDEEP
  
  24576:ONiCgn16ZTlhtctmeP2kdk+V8q3vi0m+dn5hkoOWuXJE:ONcnUZphtcgePN++pPkx5
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2