786337e6ac4a71724904beb2ccc5b829225d60aeece1910e98a84f22d9bc391b | Triage

Sharing

General

Target

84554e80579f70af3ff3485f17488dc0
Size

7.7MB
Sample

210223-w14547gjqn
MD5

84554e80579f70af3ff3485f17488dc0
SHA1

90084aa1c44a728e45d3c3b5d3ad18a450f1ea1a
SHA256

786337e6ac4a71724904beb2ccc5b829225d60aeece1910e98a84f22d9bc391b
SHA512

4fd6c1fe8b725fdc4a88133815ffd44c46865177761431e38853e701ca6d89aae4c4805c3c5ec2ae20a9ba5778ba0aed1252b412cacf14e13f95e65ea0a08d04

Score

7^/10

pyinstaller spyware

Malware Config

Targets

- Target
  
  84554e80579f70af3ff3485f17488dc0
- Size
  
  7.7MB
- MD5
  
  84554e80579f70af3ff3485f17488dc0
- SHA1
  
  90084aa1c44a728e45d3c3b5d3ad18a450f1ea1a
- SHA256
  
  786337e6ac4a71724904beb2ccc5b829225d60aeece1910e98a84f22d9bc391b
- SHA512
  
  4fd6c1fe8b725fdc4a88133815ffd44c46865177761431e38853e701ca6d89aae4c4805c3c5ec2ae20a9ba5778ba0aed1252b412cacf14e13f95e65ea0a08d04
Score

7^/10

spyware
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2