ddff09550d8ba0ae38e6a7a291f6decd9fae585d39705b72d27994ffca95349f | Triage

Submit
Reports

Overview

overview

7

Static

static

3

ddff09550d...9f.exe

windows7-x64

7

ddff09550d...9f.exe

windows10-2004-x64

7

Sharing

General

Target

ddff09550d8ba0ae38e6a7a291f6decd9fae585d39705b72d27994ffca95349f
Size

603KB
Sample

240701-d6gk1sverb
MD5

c6e0cee49f07af9c887b75a45d5702e0
SHA1

fceb153076f9e56603e248420f3768e730f38239
SHA256

ddff09550d8ba0ae38e6a7a291f6decd9fae585d39705b72d27994ffca95349f
SHA512

f36e5972c3955503ddea9b32fb2070112b35dae4cfb5841255da7c0852a0a23cfbc3673374018f2ea8bf4781e35bb0d091c4c4f14f05da1eb1a2687feac13e7a
SSDEEP

12288:wAvFGJNTpWSgN/wwRN0UL0G/TVOo3HC75nSE33b9YvFH:wAvFqdCN/j2GLl3iFSE33b9

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ddff09550d8ba0ae38e6a7a291f6decd9fae585d39705b72d27994ffca95349f.exe

Resource

win7-20240508-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

ddff09550d8ba0ae38e6a7a291f6decd9fae585d39705b72d27994ffca95349f.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  ddff09550d8ba0ae38e6a7a291f6decd9fae585d39705b72d27994ffca95349f
- Size
  
  603KB
- MD5
  
  c6e0cee49f07af9c887b75a45d5702e0
- SHA1
  
  fceb153076f9e56603e248420f3768e730f38239
- SHA256
  
  ddff09550d8ba0ae38e6a7a291f6decd9fae585d39705b72d27994ffca95349f
- SHA512
  
  f36e5972c3955503ddea9b32fb2070112b35dae4cfb5841255da7c0852a0a23cfbc3673374018f2ea8bf4781e35bb0d091c4c4f14f05da1eb1a2687feac13e7a
- SSDEEP
  
  12288:wAvFGJNTpWSgN/wwRN0UL0G/TVOo3HC75nSE33b9YvFH:wAvFqdCN/j2GLl3iFSE33b9
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy