85ab9958e4dc3181a12de70b84ee73789083a374b687434edc9c8bc6cb4f8c2c

Sharing

Copy URL

Twitter E-mail

General

Target

Twitch Monster.rar
Size

164.4MB
Sample

210716-51k957kt6n
MD5

9c8c13e759382880e6eeb44e37df778e
SHA1

baba306d7aaf09f3d199e80b77c3886d93276852
SHA256

85ab9958e4dc3181a12de70b84ee73789083a374b687434edc9c8bc6cb4f8c2c
SHA512

a69f1d38353b53ac02496eb62d3dbadad34ced8fd43f70f56da443597d818c898c26b36770a3923dcf274dd988fc7c428d8f5123c7c58db36548f7e8043b27ff

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Twitch Monster/ICSharpCode.SharpZipLib.dll
- Size
  
  197KB
- MD5
  
  5a5ab6c6bf9a23d07bc72cc19c37a432
- SHA1
  
  12fd67b780088a9d95eecd06c59658447e42f65c
- SHA256
  
  85ff339d1e0b853b0f544530fb022a30254f398d8cecfcdfa9e3c0310c3f4791
- SHA512
  
  16f5d6af94daa0833d4a95fcf261273f7610a6aaba01b775a358bee6c4ff25d90ad93abfcaf917256038d0abd272502c10e4e8933a062d456db3db077a7221bd
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1
- Target
  
  Twitch Monster/Microsoft.AspNetCore.WebUtilities.dll
- Size
  
  64KB
- MD5
  
  6e3bcd451b9243ebb8af2e1d78b0887d
- SHA1
  
  37efaacd2bbf7af0545c0c4a55162787cf97cb14
- SHA256
  
  2b3410b6456ede79142fb5efa71d1801ffb9d2aacf348af84e4d161aff61d2c5
- SHA512
  
  23ddf6e7ec15c810198cc1a80486000e4e67b06702536b0310bd4691faa0cf0ce3d080f338b9400c5056fa65d30b5ab31ac163e245037396d7d4a247fb7b9e45
Score

1^/10
behavioral2
- Target
  
  Twitch Monster/Microsoft.Bcl.AsyncInterfaces.dll
- Size
  
  14KB
- MD5
  
  2d270ddbca547ab26b5be6e16e4825d7
- SHA1
  
  206852b9b8a1a26524446b6b8b820890885fca03
- SHA256
  
  3815a1da8afeda653a7a5c2a3df98bef61416552a5d96cd32782ff22b29e5cce
- SHA512
  
  17cfcacc46234cd4f232f03cb06c5febe34eecc26e1678d052f6538b4c123962a6bcb5ad633f473fc434d5e49aad8d6ee14a747c9708c5640513116367cfbff1
Score

3^/10
behavioral3
- Target
  
  Twitch Monster/Microsoft.Extensions.DependencyInjection.Abstractions.dll
- Size
  
  35KB
- MD5
  
  6f3cca084046a16c91f64953bd6ae66c
- SHA1
  
  70ed8ee6630e547125267dfb19fd2b14a0875ea6
- SHA256
  
  e51f1960c60e65c1e28869f5a296896803f24346580d49bdcadfe63ba46499ae
- SHA512
  
  b7d3cb5798e8069ff72b451a8e03e3f31ea67455dab9c14369e4f616b8dd5cd53242994a66cb58c7fd2d478380eeb79360f421816f6d2c1aa1808d4ac19c1a5d
Score

1^/10
behavioral4
- Target
  
  Twitch Monster/Microsoft.Extensions.Logging.Abstractions.dll
- Size
  
  45KB
- MD5
  
  7e5a955a4ca2820c81ecfeb297a2be2c
- SHA1
  
  6e0b5eece834578b2ea108ebc3ed54cedf011e72
- SHA256
  
  b02305fd63abc381469621c201dcddcd3753e9318ebeced07f97d85d35eb4766
- SHA512
  
  8010cde1c82f887c0676b100eef79c2ad602d1b69323cfd8eec62bae0b248bdb84ad521300883dd396e6a1287fb92a4e1d78fa8515fa3637db0174ed175b5d1c
Score

1^/10
behavioral5
- Target
  
  Twitch Monster/Microsoft.Extensions.Logging.dll
- Size
  
  29KB
- MD5
  
  46a1e9396428eabcc8bdb08fe38a9276
- SHA1
  
  8d041480b1d1370fc87adcfff86bfc5c0e967ab6
- SHA256
  
  1da5e303956930643d60c6ef0beadd5b35be592586047c950f94d4162f62648b
- SHA512
  
  b7c0afbbd499e1232931d9a34331b7655f11f22c460fd8f084bea4b583fdb87c1564fdbe681b12c7705124b62cc8fa12a5e09b87edd8ccbf857bd7d719f60037
Score

1^/10
behavioral6
- Target
  
  Twitch Monster/Microsoft.Extensions.Options.dll
- Size
  
  25KB
- MD5
  
  bac3f89e16527db0a946245ad4a9f6b7
- SHA1
  
  59e72f7cdcda5807ff710389ee4a5ac5f6231373
- SHA256
  
  63282f3f43a095ba95b6e8f691742667ec79f04055177c43ec6980cee353c93c
- SHA512
  
  f422183b59276295181cd6ba44d66be199ec9943fe3e9bcf6c7508a8cc2911fd538fd5930b7f608466cabf009b9ad7118a9e550d369bfd39d774c41b0ff9e9f1
Score

3^/10
behavioral7
- Target
  
  Twitch Monster/Microsoft.Extensions.Primitives.dll
- Size
  
  32KB
- MD5
  
  b5c71bed0a0cc2db2aa02445a4afa774
- SHA1
  
  b6606f6beb39a2f1645e20996307c21db1c569fa
- SHA256
  
  e0e19377694a527c7bf905cf574e96fb6fd1f5676771d5f7f9fe2d8510ebfd60
- SHA512
  
  643c86fa72975fe9e5a8df23a72432544046c8964b2d561edb517010eca897a3a48edfae7c727f8f534a2f7dac7df3c963ebd7049c218a349805fdbe069c86cf
Score

1^/10
behavioral8
- Target
  
  Twitch Monster/Microsoft.Net.Http.Headers.dll
- Size
  
  69KB
- MD5
  
  fe932370e40eea0a419d7cc75b183113
- SHA1
  
  4e850a0516ae47195dff08a8e26472199bd79df4
- SHA256
  
  b26f8c2534bf6b7fedb58946de95c73270c5d2c59db6188082c00ec072e3c8ce
- SHA512
  
  8706a49bdfa96bc6267e074b8ce4a148ff420b905c63297b7c1414bdc9e6684d4d280e081ecc9f865445f5bcd3398bb848daf4d0a56cd8353fd92ddc57f6e2d4
Score

3^/10
behavioral9
- Target
  
  Twitch Monster/Newtonsoft.Json.dll
- Size
  
  679KB
- MD5
  
  916d32b899f1bc23b209648d007b99fd
- SHA1
  
  e3673d05d46f29e68241d4536bddf18cdd0a913d
- SHA256
  
  72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
- SHA512
  
  60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
Score

1^/10
behavioral10
- Target
  
  Twitch Monster/PuppeteerSharp.dll
- Size
  
  565KB
- MD5
  
  41cd8bff6ecb828bbf99d69d8492d7c3
- SHA1
  
  6b082184e1197babffaea8dcf6ffe23b32dabf2a
- SHA256
  
  d1f8fc5a3583b73ed068c4f22f3c716968cc4b3182012360d175a2a8b06b2743
- SHA512
  
  0d1f7867cb20fbf0103af53a49910e6cebca2c305dbae873cdbe892143eecdcbd7e18fe6cb301d8b3bead84384b9dbf0d967028315a3d5c91da8471d003048dc
Score

1^/10
behavioral11
- Target
  
  Twitch Monster/TwitchBotByBigSmokeKurva.dll
- Size
  
  66KB
- MD5
  
  247f7c37f65e8d0ea578f13b3a244b65
- SHA1
  
  1e90cc700591861de65e1f6ec12b4968750bfe95
- SHA256
  
  9cee60fcab6e7445e04ecff537ddc875d3c0959ed9a37374a75f0e56553c56a2
- SHA512
  
  0a42fccd0d297335552884cd95d3da2f4e074012556e786b35812dd2a44211b4154c0c1e163b03c4d4dfad844fc5ad4734081bcb4488d4becac5d08e84e0bf77
Score

1^/10
behavioral12
- Target
  
  Twitch Monster/TwitchBotByBigSmokeKurva.exe
- Size
  
  144KB
- MD5
  
  d0c095cb96658ee1d455ef4020c4bc4f
- SHA1
  
  8078c8463ffeeaac65fe2891771f77bba63df262
- SHA256
  
  d1eb34c7059a03e2f670e63765d5cfa749267e3490116ece5e9dcb1a11145d41
- SHA512
  
  2a28c18c95b7716033f88192076bb180e06ca5ef6276653497d12015d07390b7d77005be8d6c1fd7d25b31502af4d06679702525c621ca84c0664adff73ec404
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral13
- Target
  
  Twitch Monster/linux-chromium/chrome
- Size
  
  179.9MB
- MD5
  
  e71585cb7dc48cb5a79deab50ab31de8
- SHA1
  
  bcc67df54359b625e654e5c2da9fe5f5d563b56c
- SHA256
  
  0c5c1932a24ca70b526ff17ce2ef0c5603ca3fe50d8d93c3decae6484651d394
- SHA512
  
  e6e80abde112645129c92c917acf26336043e59763083eea838b217f2312dc079de0489b0b1d57e8e4a92099b32d862d5c1b1762a93cb1d76f762398a85c6fb6
Score

1^/10
behavioral14
- Target
  
  Twitch Monster/linux-chromium/chrome-sandbox
- Size
  
  200KB
- MD5
  
  254f568bf62aaca4a397070d8bc08a71
- SHA1
  
  47f00ebc1e251f2dba63aa9831b239fc3ba407a1
- SHA256
  
  800379dd8cdcf9b7e9b27dee98e27b02bc79477029ceab08a37ab90b179e1c1d
- SHA512
  
  e82e48ab87664b85b4f2705d4d12d5e52a071313caf2eb58000153440ef7b73a574c6d8e47cc2d429b5c32051b21424ad099a66f5b10c46d2a10440f1e41a1e2
Score

3^/10
behavioral15
- Target
  
  Twitch Monster/linux-chromium/swiftshader/libEGL.so
- Size
  
  234KB
- MD5
  
  a2448ddb148437fd51b57f13e65bebe5
- SHA1
  
  776348f27bc4a48798dfdff28404c7edfb562e56
- SHA256
  
  c6a4ac27b36833c503262b5b3cf5ddf5e1d099d03810122184b3c9f3996f3886
- SHA512
  
  2d48e73bffd2ad0fe510e1f1d2cd06afa6e131619917d892a7938e51a6fcc4bece5dc44809b9e067f231b96f365375372654842abaf5075353883a5c5b2acd80
Score

1^/10
behavioral16
- Target
  
  Twitch Monster/linux-chromium/swiftshader/libGLESv2.so
- Size
  
  2.7MB
- MD5
  
  3d799b971d0c0d3003b17bdb240c952b
- SHA1
  
  bb776a53e03c847d8b842e62fe2cd3fb982563e7
- SHA256
  
  82fdcccdfbf7d22fd267f9f2508b493bc105cdffabe948d20f479aacb2e8bfb3
- SHA512
  
  4d2bee45b6d0a588edca494d2f9169801a3724e58a2562f860c819d59550f41b704461bbfd7bab3029099e73a02c66f858e04f42dac2ad93c9f1f05722ec65b4
Score

1^/10
behavioral17
- Target
  
  Twitch Monster/linux-chromium/xdg-mime
- Size
  
  36KB
- MD5
  
  df93e9c0314839c5dcd7371dff4fc1c7
- SHA1
  
  243d6d732f58df4bf7633d627fdf2f699143f203
- SHA256
  
  ad2d5802bb3604daa849ce5ac86a81acf7548c8ffd10ab4ecae1d56a5f10d63b
- SHA512
  
  5232e57597db1ec590785a1d7c99b175ef97429bf2712373b5393c3422e0cc39a6e4dc126f572bb60cef32c0e7d505ea1a4ed2eb76c1976eaf47e40d90b5f4e6
Score

1^/10
behavioral18
- Target
  
  Twitch Monster/linux-chromium/xdg-settings
- Size
  
  32KB
- MD5
  
  9ada1a6317ff8a56de510525e940945c
- SHA1
  
  bd77a2f607e3fab2ae201ed2bad2951e87071ed2
- SHA256
  
  442777b1f7d206c5ff661fea00dc1a8319df6256feccc54f186f6edacf235801
- SHA512
  
  c8d1a0c6c0b24349922bfb7a54aacf13f91c7dd1c714fbcec8225150fc0327c4c72dc4a7dfdf318c21deb79670fcc300fc64d35ee3e003fd79718973ec6a2c5d
Score

1^/10
behavioral19
- Target
  
  Twitch Monster/windows-chromium/90.0.4430.72/chrome.dll
- Size
  
  163.7MB
- MD5
  
  d7589a752076569ccca1c3e8dced6fa6
- SHA1
  
  2d5b0e101d601bec28acc83b5b7a313aabd97203
- SHA256
  
  98b0702d255cea86feadd3ff2271f78a41226c5f21461c12a81f7194a15fef6b
- SHA512
  
  1f5275a82c6263e9059fe2986830628b23832cbca7ae2067d73607171cc718fa0c2a9a8c6b8f0c6da41aa676dd6767f6a8a8274e2214a1f1bf67a4c235ffd7e6
Score

1^/10
behavioral20
- Target
  
  Twitch Monster/windows-chromium/90.0.4430.72/chrome_elf.dll
- Size
  
  1.1MB
- MD5
  
  033a83dbb8ab4c8735d3feda84be11ea
- SHA1
  
  1d2bfcabcaebe9270c03e11791c385a3c77205bf
- SHA256
  
  b00405f4e441af2085a3ec82e0c50cdffbd92a913688ac43081cfa24b941174b
- SHA512
  
  3b919cdb9bc0d953902f009d013cddb524124c4ef860529dd111ea1c8c2d8e208fd1e3c5a88b59cbc76bb3e2df45c121c978945144cb0b4c40e979d4fe352e62
Score

1^/10
behavioral21
- Target
  
  Twitch Monster/windows-chromium/90.0.4430.72/chrome_pwa_launcher.exe
- Size
  
  1.4MB
- MD5
  
  a320cdbfb82e1d5dc13d34a1669aeb2c
- SHA1
  
  b939e148f2994b06837c896506678f69cf47125d
- SHA256
  
  459b254849932230ceab95866c60fc0c988aa2f089c41721816be0cb7e031d61
- SHA512
  
  702958b2bd246e6c4625d14375eea4908d198f373bd74ec0cb660ca0f151c237913f450c6bc29a3182ec7c58edb01958575e26163fc62d5641e679fdaf037cc9
Score

1^/10
behavioral22
- Target
  
  Twitch Monster/windows-chromium/90.0.4430.72/d3dcompiler_47.dll
- Size
  
  4.3MB
- MD5
  
  7641e39b7da4077084d2afe7c31032e0
- SHA1
  
  2256644f69435ff2fee76deb04d918083960d1eb
- SHA256
  
  44422e6936dc72b7ac5ed16bb8bcae164b7554513e52efb66a3e942cec328a47
- SHA512
  
  8010e1cb17fa18bbf72d8344e1d63ded7cef7be6e7c13434fa6d8e22ce1d58a4d426959bdcb031502d4b145e29cb111af929fcbc66001111fbc6d7a19e8800a5
Score

1^/10
behavioral23
- Target
  
  Twitch Monster/windows-chromium/90.0.4430.72/eventlog_provider.dll
- Size
  
  6KB
- MD5
  
  9d77ae9cdcf7ee4af4eabc5805a135b3
- SHA1
  
  23530138b522331d924ac8ab586dedf21a2431a6
- SHA256
  
  362befeef9031c236e0f969336e9d2e4c8f4d5a1d5a07e9a2bb2835bfd76825d
- SHA512
  
  6eca35ee8259dc245f456845fe7ee49a12eccf389c889ed4b6318998898b1ebb7ba4bc763f09eef7e83f6b2493934fde32e6f052cb2dd0a8bca42340b6f359a5
Score

1^/10
behavioral24
- Target
  
  Twitch Monster/windows-chromium/90.0.4430.72/libEGL.dll
- Size
  
  442KB
- MD5
  
  8b3ebc41856a45e9f240d11ba5329712
- SHA1
  
  f389fb40d8ae0b066b1476e402c4daa42d158baf
- SHA256
  
  e53d7e145b785ba151fa6c90a3179184c8484a0d5fc5f556d861035c0bd48758
- SHA512
  
  e744430f8004f34a7390f95081954aae7ca4a7bd7d4f4e6af223fe81af8b1b61e85cd810dff47f478f1710b9e52f4c7cf073c0d3facfa6ba0c0e2d147fce29be
Score

1^/10
behavioral25
- Target
  
  Twitch Monster/windows-chromium/90.0.4430.72/libGLESv2.dll
- Size
  
  7.4MB
- MD5
  
  19699d38eca17786da255fba12a6a5ba
- SHA1
  
  af9559ab9b214d27723ae578263f838e659e5ca8
- SHA256
  
  126787d95629d01c41bf663349456a0aebf8e59e6ce0deead9911abd6f5d7843
- SHA512
  
  25b8855dcc66644c76992e24a6f5e4e0c5124be4dca03576fba1e690d54c3b820011c2d8437a785c9ddb920952f920c9862689ab3cd0b877c86cfa0715faa623
Score

1^/10
behavioral26
- Target
  
  Twitch Monster/windows-chromium/90.0.4430.72/mojo_core.dll
- Size
  
  1.3MB
- MD5
  
  0e6fb7b66b5069272ffbca022f5a62d3
- SHA1
  
  fcb4837841eca414e41725d80816374f2c4bdd30
- SHA256
  
  657f15702db87297ebf9e76fe060601ae4b67b1c61870f9e2391adf1d7b46e5a
- SHA512
  
  3618b13546bf7932631b424fee8df36ebb3afc90620d717c938292ad1a2873a65bbe37d3428e393bd39f662d13a2a069c321321d70631aafd723db98834772e8
Score

1^/10
behavioral27
- Target
  
  Twitch Monster/windows-chromium/90.0.4430.72/nacl_irt_x86_64.nexe
- Size
  
  3.7MB
- MD5
  
  9d901664701d62e75c7dfe9774595e3f
- SHA1
  
  b9116dd8207f60bba42e31a2fca776de0e1fb615
- SHA256
  
  4036db27f19e35dcc3deb09cfa265012f7fcf55067c245aaf5a5f7b9cbf77f3c
- SHA512
  
  ff3755df691dc73aed0519f172977f718666cf74edfdfd756b28d7eb7d9617dd18d55e0f27563b4851f91baefdd852fc3d59ced9c1edfdecd9531ff50dc8bf7a
Score

1^/10
behavioral28
- Target
  
  Twitch Monster/windows-chromium/90.0.4430.72/notification_helper.exe
- Size
  
  1.1MB
- MD5
  
  640ecb4a6c2c0136385a4d2854bbc33f
- SHA1
  
  a18074ac7d746b0dea66385241004cbe2bb569d8
- SHA256
  
  41865a7b463455451dd211a6a389031f751863fd80df30f9bf1a4ab732b083c6
- SHA512
  
  ea6632bc3f6a339c1374a0254c19482b23121efb53913151216b70ce6d1194744f7d9424cbcf7947693f0737905530087572f3e76154973b12b987328f3c3e40
Score

3^/10
behavioral29
- Target
  
  Twitch Monster/windows-chromium/90.0.4430.72/swiftshader/libEGL.dll
- Size
  
  463KB
- MD5
  
  bcbaa406c5379d0112793edeca326f99
- SHA1
  
  95efc19ea021bd068298dd43adf4846a2122c6ed
- SHA256
  
  a8f1c33227270bafd03175ce119de57a6764c030feb52a6c59b46259549d70d3
- SHA512
  
  51a088bfe1b43e9f920d710d0b4668c6b71a016e9d2fb702468686ed82727e8023e4067064e02268001d8c7301afbbfcc6aaa36850880dfb57d8eeaa1bf5745f
Score

1^/10
behavioral30
- Target
  
  Twitch Monster/windows-chromium/90.0.4430.72/swiftshader/libGLESv2.dll
- Size
  
  3.1MB
- MD5
  
  710dfd7f19a79a6cc9c7f03e65395034
- SHA1
  
  0548d6219e9cf7e3b4383563dfbd7bceb0db9518
- SHA256
  
  5b5d683d2f414317d88aab07905436cb93a92d7a73eb29eef2cbcf5ef7c643a3
- SHA512
  
  7f0ba3dbead3bce4f0c3dcf2809e6a25096292a80a270bafd444c246df4e63a5601a2d219f7bbd854367d4e4853e5f0ab25e50106b4de2b6e26dc2935f813cbc
Score

1^/10
behavioral31
- Target
  
  Twitch Monster/windows-chromium/chrome.exe
- Size
  
  2.1MB
- MD5
  
  d8a8b7ce4022bdfe8819453152e843f8
- SHA1
  
  284766f4f8cc4070b2baf628fbaade49d805ccd3
- SHA256
  
  86f1bf9653be7bc74faf79a4e89cac4a26d50796b1cc6a2fbdb3d65c228d9d69
- SHA512
  
  296e00ca1822a8790905a224c360c185431eab21c497f0a789708685095bbff6b4caf4b3c586761b7a2e418f93f0fac4da89eb9f3b42fee0aa1b244e63bd002f
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

T1130

Modify Registry

T1112

Credential Access

Credentials in Files

T1081

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Reads user/profile data of web browsers

Checks computer location settings

Reads user/profile data of web browsers

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32