f266a09389e628b992560b33d50f91f022a89976cc80fa580cf780c40a74c9fa | Triage

Submit
Reports

Overview

overview

8

Static

static

Fruit_of_t...99.exe

windows10-2004_x64

8

Resubmissions

20-02-2022 18:04

220220-wnqp3sbeh6 8

Sharing

General

Target

Fruit_of_the_ace_v3.11.99.mal
Size

37.7MB
Sample

220220-wnqp3sbeh6
MD5

4f709e1c6951bbd65d03a9f44961e0ae
SHA1

b228bc6e3572f714ace26b19b9383691684e18f2
SHA256

f266a09389e628b992560b33d50f91f022a89976cc80fa580cf780c40a74c9fa
SHA512

e1a67c87bbde1b7615d3d8321734d9d4ad7a3a626b8912b27b28f4c2c85ddf85162edc62b40b7cf9377936c2d90b63a9b676a546a1ce50417e4ec32460802e7d

Score

8^/10

pyinstaller spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

Fruit_of_the_ace_v3.11.99.exe

Resource

win10v2004-en-20220113

pyinstaller spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Fruit_of_the_ace_v3.11.99.mal
- Size
  
  37.7MB
- MD5
  
  4f709e1c6951bbd65d03a9f44961e0ae
- SHA1
  
  b228bc6e3572f714ace26b19b9383691684e18f2
- SHA256
  
  f266a09389e628b992560b33d50f91f022a89976cc80fa580cf780c40a74c9fa
- SHA512
  
  e1a67c87bbde1b7615d3d8321734d9d4ad7a3a626b8912b27b28f4c2c85ddf85162edc62b40b7cf9377936c2d90b63a9b676a546a1ce50417e4ec32460802e7d
Score

8^/10

pyinstaller spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Process Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

pyinstallerspywarestealer

© 2018-2024

Terms | Privacy