e5662c40e472ff15127b5466170ee7e235daab610c4a897a3ecffc50fa716c14 | Triage

Submit
Reports

Overview

overview

7

Static

static

Default

windows10_x64

7

Sharing

General

Target

obi.exe
Size

216KB
Sample

201122-az3r93j1wn
MD5

ba952388e4c1852e3c0652ad22edb96c
SHA1

bb99c2ee45f211cb912825a39be8c1f9e2b66f56
SHA256

e5662c40e472ff15127b5466170ee7e235daab610c4a897a3ecffc50fa716c14
SHA512

74049c83eaabb48a15043e0cbaaa52bbfb5aded7cd85d7baa39b64a094ea41e151199882e7f3282f83441898214b6e37fd254358043f2e95a312eb57a89621a7

Score

7^/10

spyware

Static task

static1

Behavioral task

behavioral1

Sample

obi.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  obi.exe
- Size
  
  216KB
- MD5
  
  ba952388e4c1852e3c0652ad22edb96c
- SHA1
  
  bb99c2ee45f211cb912825a39be8c1f9e2b66f56
- SHA256
  
  e5662c40e472ff15127b5466170ee7e235daab610c4a897a3ecffc50fa716c14
- SHA512
  
  74049c83eaabb48a15043e0cbaaa52bbfb5aded7cd85d7baa39b64a094ea41e151199882e7f3282f83441898214b6e37fd254358043f2e95a312eb57a89621a7
Score

7^/10

spyware
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy