4be6cf84477f458b12c62b63108990699cac99e2fd183688e62e6d2f98dfdd04 | Triage

Sharing

General

Target

NitroCheck.exe
Size

7.3MB
Sample

210818-vzrycszgce
MD5

bf33b17e80ff4f7a546c1ee28c751f59
SHA1

0cf577ce6c3ee82a4b27805d62c0e23908492003
SHA256

4be6cf84477f458b12c62b63108990699cac99e2fd183688e62e6d2f98dfdd04
SHA512

01e99ff2ee1b1846bfeef596b0ef1c39ba1c50c7e4736ea64c2d9595fdf56568e80382094e8b4fb157256de5bff0f83c993d11b429b18df439f21dfe8c16c7d8

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  NitroCheck.exe
- Size
  
  7.3MB
- MD5
  
  bf33b17e80ff4f7a546c1ee28c751f59
- SHA1
  
  0cf577ce6c3ee82a4b27805d62c0e23908492003
- SHA256
  
  4be6cf84477f458b12c62b63108990699cac99e2fd183688e62e6d2f98dfdd04
- SHA512
  
  01e99ff2ee1b1846bfeef596b0ef1c39ba1c50c7e4736ea64c2d9595fdf56568e80382094e8b4fb157256de5bff0f83c993d11b429b18df439f21dfe8c16c7d8
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2