234eff30046424e1b1e8e07dbd076a055d2ec85bbe5a70d1cd162b0ee620cd8d | Triage

Sharing

General

Target

234eff30046424e1b1e8e07dbd076a055d2ec85bbe5a70d1cd162b0ee620cd8dN.exe
Size

2.6MB
Sample

250120-k6jtpssldq
MD5

158fe4ac75d099fe8b6d4b6cefaddda0
SHA1

9e6d3d9e787eb244763c21ac9401745f3c84c781
SHA256

234eff30046424e1b1e8e07dbd076a055d2ec85bbe5a70d1cd162b0ee620cd8d
SHA512

dbeed827ad7846fd75a0266bc2f0df4b0a41808553584eb1fd44ab1d95ef5a561562e6f3c468ee58d97153ac0435debc85867b216c7b6d2102267f617bb288c7
SSDEEP

49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBTB/bS:sxX7QnxrloE5dpUpob

Score

7^/10

discovery persistence spyware stealer

Malware Config

Targets

- Target
  
  234eff30046424e1b1e8e07dbd076a055d2ec85bbe5a70d1cd162b0ee620cd8dN.exe
- Size
  
  2.6MB
- MD5
  
  158fe4ac75d099fe8b6d4b6cefaddda0
- SHA1
  
  9e6d3d9e787eb244763c21ac9401745f3c84c781
- SHA256
  
  234eff30046424e1b1e8e07dbd076a055d2ec85bbe5a70d1cd162b0ee620cd8d
- SHA512
  
  dbeed827ad7846fd75a0266bc2f0df4b0a41808553584eb1fd44ab1d95ef5a561562e6f3c468ee58d97153ac0435debc85867b216c7b6d2102267f617bb288c7
- SSDEEP
  
  49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBTB/bS:sxX7QnxrloE5dpUpob
Score

7^/10

discovery persistence spyware stealer
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistencespywarestealer

behavioral2

discoverypersistencespywarestealer