lobshot | 6ad7f44ed304835017bc89a680219c61b68b1c72a1f79adffc5a1160b2e1b069 | Triage

Sharing

General

Target

6ad7f44ed304835017bc89a680219c61b68b1c72a1f79adffc5a1160b2e1b069.exe
Size

92KB
Sample

241124-yq5m5awrct
MD5

f50556239a741206415dfff7412de774
SHA1

fd958c9bc835e1687f29a39372e1a948f5e1f6e5
SHA256

6ad7f44ed304835017bc89a680219c61b68b1c72a1f79adffc5a1160b2e1b069
SHA512

2f7135d801b57c8d86202a85796d9d776bf6a386d2a228ffcf2e13fa4d51cce238afc517b293b42ca640239a8ef8c43874ba8841e7782b24e7375c35744dc5bf
SSDEEP

1536:RJaYOFIols/Cxpz6lotZrU75ctmlrYseImnPxqqPDzwkSIhb0c94McE2B7chOdL:RJajaOoC5ZQ7StmaznPpgT20gSPB7chQ

Score

10^/10

lobshot discovery spyware stealer

Malware Config

Targets

- Target
  
  6ad7f44ed304835017bc89a680219c61b68b1c72a1f79adffc5a1160b2e1b069.exe
- Size
  
  92KB
- MD5
  
  f50556239a741206415dfff7412de774
- SHA1
  
  fd958c9bc835e1687f29a39372e1a948f5e1f6e5
- SHA256
  
  6ad7f44ed304835017bc89a680219c61b68b1c72a1f79adffc5a1160b2e1b069
- SHA512
  
  2f7135d801b57c8d86202a85796d9d776bf6a386d2a228ffcf2e13fa4d51cce238afc517b293b42ca640239a8ef8c43874ba8841e7782b24e7375c35744dc5bf
- SSDEEP
  
  1536:RJaYOFIols/Cxpz6lotZrU75ctmlrYseImnPxqqPDzwkSIhb0c94McE2B7chOdL:RJajaOoC5ZQ7StmaznPpgT20gSPB7chQ
Score

8^/10

discovery spyware stealer
- Blocklisted process makes network request
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer