32bba33951161d5c283bc74fa2d947d3753b6409c6c0a66e83bd0cf243725c4e | Triage

Sharing

General

Target

32bba33951161d5c283bc74fa2d947d3753b6409c6c0a66e83bd0cf243725c4e.exe
Size

1.2MB
Sample

241120-fgdh6s1cph
MD5

bca40a3e8d104a2c7a7fab6fce864584
SHA1

cacfc592ec807da93213c6fb3facb03b9d1987c9
SHA256

32bba33951161d5c283bc74fa2d947d3753b6409c6c0a66e83bd0cf243725c4e
SHA512

3f3520f4a1cc5b2d0570531ae1f5ab5c76c34a524fb9fdc1837f18f753186eaaaf627fb0151cf42df3142196776f75493e098e4722307d36739d72195f5abd20
SSDEEP

24576:wTpc2ZI+OPrhbjEy0sqjnhMgeiCl7G0nehbGZpbDg:w24I+gfQDmg27RnWGjo

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  32bba33951161d5c283bc74fa2d947d3753b6409c6c0a66e83bd0cf243725c4e.exe
- Size
  
  1.2MB
- MD5
  
  bca40a3e8d104a2c7a7fab6fce864584
- SHA1
  
  cacfc592ec807da93213c6fb3facb03b9d1987c9
- SHA256
  
  32bba33951161d5c283bc74fa2d947d3753b6409c6c0a66e83bd0cf243725c4e
- SHA512
  
  3f3520f4a1cc5b2d0570531ae1f5ab5c76c34a524fb9fdc1837f18f753186eaaaf627fb0151cf42df3142196776f75493e098e4722307d36739d72195f5abd20
- SSDEEP
  
  24576:wTpc2ZI+OPrhbjEy0sqjnhMgeiCl7G0nehbGZpbDg:w24I+gfQDmg27RnWGjo
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2