Overview

overview

7

Static

static

3

lol.exe

windows11_x64

7

Resubmissions

06-10-2021 16:05

211006-tjpwwabfbp 7

06-10-2021 15:58

211006-tek25abfbk 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    lol.exe

  • Size

    6.8MB

  • Sample

    211006-tjpwwabfbp

  • MD5

    4eb70e6ca68fd90ce23f809bceea02d7

  • SHA1

    0f96257dd603feabcfeca22f0ce5029f17ba4c2d

  • SHA256

    b8a9fcde3cb3f9130318b07a3b8c715e8fd9edcef11aa8af56b3942cf2566943

  • SHA512

    76ffc45928fb6f21a511e6a30ecf4de2877d5b982ee553279ccb642db852ebe7edbf56c37fd4d3aa7b40a91c9df0cd193523a71f9b6907e7650a10d72a448705

Score
7/10
pyinstallerspywarestealer

Malware Config

Targets

    • Target

      lol.exe

    • Size

      6.8MB

    • MD5

      4eb70e6ca68fd90ce23f809bceea02d7

    • SHA1

      0f96257dd603feabcfeca22f0ce5029f17ba4c2d

    • SHA256

      b8a9fcde3cb3f9130318b07a3b8c715e8fd9edcef11aa8af56b3942cf2566943

    • SHA512

      76ffc45928fb6f21a511e6a30ecf4de2877d5b982ee553279ccb642db852ebe7edbf56c37fd4d3aa7b40a91c9df0cd193523a71f9b6907e7650a10d72a448705

    Score
    7/10
    spywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks