Overview

overview

8

Static

static

Pine Islan...ds.exe

windows7_x64

1

Pine Islan...ds.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Pine_Islands.zip

  • Size

    12.9MB

  • Sample

    211024-wapkvsffhj

  • MD5

    837753809a5233537af55f1098a2102c

  • SHA1

    bf3e22bede525f5e79a4a9db86728c108e157c10

  • SHA256

    90cd4fa4bdb4efddbed778ebc2a2ab1ea08d8db6d733606a83b36276de1de5a4

  • SHA512

    84fc887ed6ce3cf9cf1887de72d3bdb176247688edc046f57d302f3f0afb235fb419b312aaff4e5147b9797f00f97305ee30a9fca9764aa6fd219565201d7198

Score
8/10
pyinstallerspywarestealer

Malware Config

Targets

    • Target

      Pine Islands/Pine Islands.exe

    • Size

      33.7MB

    • MD5

      3a4fa7ce56c4db606e1bfeb23b528d36

    • SHA1

      f7570c51e92dbd3fbc0ea93190e12e1c8644d579

    • SHA256

      0291d11f0340061e097f0f2e3afed7662e12f426b22fb76e0bbb9cd739a6e67c

    • SHA512

      3ba6bee096c8fcaa6f9074df2bd4d57a4c4000ec84b707b3f9c78deb667984b8a7f0a53d2960398179651e4056fb95b9153b0ca41c791a44d64b90bac09516f5

    Score
    8/10
    pyinstallerspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Process Discovery

1
T1057

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks