f593cd3e0a4ad34d16b48b9cdd344e486b42fbfc5bca0c25abb75b6cc03ac2d0 | Triage

Sharing

General

Target

1a8620af98d68f9cadb5916341ad1e71
Size

113KB
Sample

211229-hzdm1adbfm
MD5

1a8620af98d68f9cadb5916341ad1e71
SHA1

1a39e1f41e89d552bd1228f7dd79e553a8dbb22e
SHA256

f593cd3e0a4ad34d16b48b9cdd344e486b42fbfc5bca0c25abb75b6cc03ac2d0
SHA512

0824ade76adc9c5f6120775ce89d6e3b64d5814683dffa39adeab2a90131a7cf1d3be0a72546c0afeeb2fd72a510639a64fc37ef23dea8baeb9dbbc9c3b38de6

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  1a8620af98d68f9cadb5916341ad1e71
- Size
  
  113KB
- MD5
  
  1a8620af98d68f9cadb5916341ad1e71
- SHA1
  
  1a39e1f41e89d552bd1228f7dd79e553a8dbb22e
- SHA256
  
  f593cd3e0a4ad34d16b48b9cdd344e486b42fbfc5bca0c25abb75b6cc03ac2d0
- SHA512
  
  0824ade76adc9c5f6120775ce89d6e3b64d5814683dffa39adeab2a90131a7cf1d3be0a72546c0afeeb2fd72a510639a64fc37ef23dea8baeb9dbbc9c3b38de6
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer