35636874ce9ff3e75f87c4eb62e1cf6223b58f0aa5b86b529caf0a07862c86d1 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

free bobux.exe

windows7_x64

7

free bobux.exe

windows10_x64

7

Sharing

General

Target

free bobux.exe
Size

63.9MB
Sample

210922-ncjhmaehhk
MD5

c0c9e2fe7c9b46921faa12af25e1d894
SHA1

96b810fe24c0e3bfc3e2dc5119bd5c000511084f
SHA256

35636874ce9ff3e75f87c4eb62e1cf6223b58f0aa5b86b529caf0a07862c86d1
SHA512

125ac86ac06d95baa38239e792ce7860c6505926f926228d2e96ebfdb193cf85802e608b41f6cb8e9280ecaea60eb28de53b5d02cf34c4042fe2ca0761df50b5

Score

7^/10

pyinstaller spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

free bobux.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

free bobux.exe

Resource

win10-en-20210920

spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  free bobux.exe
- Size
  
  63.9MB
- MD5
  
  c0c9e2fe7c9b46921faa12af25e1d894
- SHA1
  
  96b810fe24c0e3bfc3e2dc5119bd5c000511084f
- SHA256
  
  35636874ce9ff3e75f87c4eb62e1cf6223b58f0aa5b86b529caf0a07862c86d1
- SHA512
  
  125ac86ac06d95baa38239e792ce7860c6505926f926228d2e96ebfdb193cf85802e608b41f6cb8e9280ecaea60eb28de53b5d02cf34c4042fe2ca0761df50b5
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy