ad2e3cd985afb669064308d3f277374bcba19440c9ae5e28b9998dc57e813801 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

Speedy.zip

windows10-2004-x64

1

Speedy/Spe...st.exe

windows10-2004-x64

8

��)�]B�.pyc

windows10-2004-x64

Sharing

General

Target

Speedy.zip
Size

7.4MB
Sample

240428-vafghscd5s
MD5

0ba462c5fdcc2640dc27be3bdb4f8693
SHA1

6106a4d74d28e997f9567b0f0d525f303376182b
SHA256

ad2e3cd985afb669064308d3f277374bcba19440c9ae5e28b9998dc57e813801
SHA512

b764f7a336cd6761bcadab31f63ee1c848bcfb5ecb47aa507166fba80219cacaa612c83758aa4eb15f2bba77b5708c6bb289ab2b7fccad3bacfda8dac4d7579f
SSDEEP

196608:08lSXsVurfIfJWT2i8rEjOEg2MAnreWhm6Ftr1:0uSXsVucQTvjJgaamFtr1

Score

8^/10

spyware stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

Speedy.zip

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral2

Sample

Speedy/SpeedyBoost.exe

Resource

win10v2004-20240426-en

spyware stealer upx

windows10-2004-x64

16 signatures

300 seconds

Behavioral task

behavioral3

Sample

��)�]B�.pyc

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

300 seconds

Malware Config

Targets

- Target
  
  Speedy.zip
- Size
  
  7.4MB
- MD5
  
  0ba462c5fdcc2640dc27be3bdb4f8693
- SHA1
  
  6106a4d74d28e997f9567b0f0d525f303376182b
- SHA256
  
  ad2e3cd985afb669064308d3f277374bcba19440c9ae5e28b9998dc57e813801
- SHA512
  
  b764f7a336cd6761bcadab31f63ee1c848bcfb5ecb47aa507166fba80219cacaa612c83758aa4eb15f2bba77b5708c6bb289ab2b7fccad3bacfda8dac4d7579f
- SSDEEP
  
  196608:08lSXsVurfIfJWT2i8rEjOEg2MAnreWhm6Ftr1:0uSXsVucQTvjJgaamFtr1
Score

1^/10
behavioral1
- Target
  
  Speedy/SpeedyBoost.exe
- Size
  
  7.5MB
- MD5
  
  6d00412f5c7ae7e1427a21a3b200d6d1
- SHA1
  
  c0b3c29ec79c847acbe8a48813fb6f19213097aa
- SHA256
  
  6583f9c5bfc50b8aebc525c11e8aed2b74f05823c0dffe9557803bec2f02b320
- SHA512
  
  acd0a78f8e024a8e08cf6d0ce17901958c5cd603c51aa6c0435b62f3d8f07382fd594f59e9fcc1906d2d7a4b95cb47ed43f8d1d3b1860c883d18ca426f8f5d79
- SSDEEP
  
  196608:vrL6OtTurErvI9pWjgaAnajmQsK23fQC//OoLxhr:ntTurEUWjJjmMoo4jLxhr
Score

8^/10

spyware stealer upx
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral2
- Target
  
  ��)�]B�.pyc
- Size
  
  1KB
- MD5
  
  7ea068689f01114c9ba3c5dce26b6d02
- SHA1
  
  830685f559e55290c42f94a05e20fe724b788ccf
- SHA256
  
  b727693a3112b2e1705a9eca64d3ea06557ccb3f9ae5bee6a5ed4452b932261e
- SHA512
  
  d3fcbc7d9933f676e0d9a2bdf6d4a80218193daf50c7931ff9767a1139f5e27ee3aaa9ae8aa7ea3533ff6b7256d5659b64923f8d6f27c69bc9d7e6d97dd60542
Score

1^/10
behavioral3

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Process Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

spywarestealerupx

behavioral3

© 2018-2024

Terms | Privacy