786337e6ac4a71724904beb2ccc5b829225d60aeece1910e98a84f22d9bc391b | Triage

Sharing

General

Target

84554e80579f70af3ff3485f17488dc0
Size

7.7MB
Sample

210223-w14547gjqn
MD5

84554e80579f70af3ff3485f17488dc0
SHA1

90084aa1c44a728e45d3c3b5d3ad18a450f1ea1a
SHA256

786337e6ac4a71724904beb2ccc5b829225d60aeece1910e98a84f22d9bc391b
SHA512

4fd6c1fe8b725fdc4a88133815ffd44c46865177761431e38853e701ca6d89aae4c4805c3c5ec2ae20a9ba5778ba0aed1252b412cacf14e13f95e65ea0a08d04

Score

7^/10

pyinstaller spyware

Malware Config

Targets

- Target
  
  84554e80579f70af3ff3485f17488dc0
- Size
  
  7.7MB
- MD5
  
  84554e80579f70af3ff3485f17488dc0
- SHA1
  
  90084aa1c44a728e45d3c3b5d3ad18a450f1ea1a
- SHA256
  
  786337e6ac4a71724904beb2ccc5b829225d60aeece1910e98a84f22d9bc391b
- SHA512
  
  4fd6c1fe8b725fdc4a88133815ffd44c46865177761431e38853e701ca6d89aae4c4805c3c5ec2ae20a9ba5778ba0aed1252b412cacf14e13f95e65ea0a08d04
Score

7^/10

spyware
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2