55eef3e7e92c79c8de2d46c876adf77ef1b6024c2483417e130d8da51639d64d | Triage

Sharing

General

Target

55eef3e7e92c79c8de2d46c876adf77ef1b6024c2483417e130d8da51639d64d
Size

1.1MB
Sample

241121-jq492azblg
MD5

0ab6eee51de3143addbf78033dc1ef4b
SHA1

65cda619a961e0e19778d1a2d66c9bd980a28084
SHA256

55eef3e7e92c79c8de2d46c876adf77ef1b6024c2483417e130d8da51639d64d
SHA512

c632e9a7ec518664dc1c439c76980a388a50cea7b7be1abf20cadeb1522bc51b6fcb59395bbf9501cdb2da1d48acd913ec0e0c1fc21c51d7e7db0faf3580e8db
SSDEEP

24576:ucv/Dyv8dRolm5NiqodYTsqjnhMgeiCl7G0nehbGZpbD:ukyUdRolm5sqoeDmg27RnWGj

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  55eef3e7e92c79c8de2d46c876adf77ef1b6024c2483417e130d8da51639d64d
- Size
  
  1.1MB
- MD5
  
  0ab6eee51de3143addbf78033dc1ef4b
- SHA1
  
  65cda619a961e0e19778d1a2d66c9bd980a28084
- SHA256
  
  55eef3e7e92c79c8de2d46c876adf77ef1b6024c2483417e130d8da51639d64d
- SHA512
  
  c632e9a7ec518664dc1c439c76980a388a50cea7b7be1abf20cadeb1522bc51b6fcb59395bbf9501cdb2da1d48acd913ec0e0c1fc21c51d7e7db0faf3580e8db
- SSDEEP
  
  24576:ucv/Dyv8dRolm5NiqodYTsqjnhMgeiCl7G0nehbGZpbD:ukyUdRolm5sqoeDmg27RnWGj
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2