Overview

overview

7

Static

static

3

main2.exe

windows7_x64

7

main2.exe

windows10_x64

7

Resubmissions

05-08-2021 14:03

210805-w5hft6p2l6 7

05-08-2021 13:53

210805-9hrdhj6t5j 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    main2.exe

  • Size

    28.7MB

  • Sample

    210805-9hrdhj6t5j

  • MD5

    4cb7c9df0bc5ffb5de81287f7b780982

  • SHA1

    e078421f12089487780c8f3fe5418c9b9d490d06

  • SHA256

    3f09f8df1e94e9588e4f9584e4d97eae73bf6e7375c92751cbb1f7e9647242d3

  • SHA512

    7c1d2cb587fb6f50c7aea38c8d51ce9b77b81278470f1c8cdeedca65cedecf89dfc72b6db8ffb5254109402db79d63959cd7b6b2756a93a74c0090ceaaeefad7

Score
7/10
pyinstallerspywarestealer

Malware Config

Targets

    • Target

      main2.exe

    • Size

      28.7MB

    • MD5

      4cb7c9df0bc5ffb5de81287f7b780982

    • SHA1

      e078421f12089487780c8f3fe5418c9b9d490d06

    • SHA256

      3f09f8df1e94e9588e4f9584e4d97eae73bf6e7375c92751cbb1f7e9647242d3

    • SHA512

      7c1d2cb587fb6f50c7aea38c8d51ce9b77b81278470f1c8cdeedca65cedecf89dfc72b6db8ffb5254109402db79d63959cd7b6b2756a93a74c0090ceaaeefad7

    Score
    7/10
    spywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks