0fffd2bf2cdb00fac58958f370f0b4b1a63c2f76d4c69a2576b3378b2179727d | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Multi_Chea...er.exe

windows10-2004_x64

7

Resubmissions

11-05-2022 22:02

220511-1x5yksdcdl 7

11-05-2022 21:58

220511-1vxt7adbfj 7

Sharing

General

Target

Multi_Cheat_Loader.exe
Size

11.5MB
Sample

220511-1x5yksdcdl
MD5

e552650b305e9909173b8e625df22732
SHA1

9b6e6e3e1bd5ba8b7665069b0d366eefae99651d
SHA256

0fffd2bf2cdb00fac58958f370f0b4b1a63c2f76d4c69a2576b3378b2179727d
SHA512

aa60c30f7876b3d60f2c7693b514ab00c5b16b5c5cc4f4a9f59fac732d286afcab30b6c58ee90627615cbd59ec661fa3eb8ccf1a441afd86d325e09125ea46bb

Score

7^/10

pyinstaller spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

Multi_Cheat_Loader.exe

Resource

win10v2004-20220414-en

spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Multi_Cheat_Loader.exe
- Size
  
  11.5MB
- MD5
  
  e552650b305e9909173b8e625df22732
- SHA1
  
  9b6e6e3e1bd5ba8b7665069b0d366eefae99651d
- SHA256
  
  0fffd2bf2cdb00fac58958f370f0b4b1a63c2f76d4c69a2576b3378b2179727d
- SHA512
  
  aa60c30f7876b3d60f2c7693b514ab00c5b16b5c5cc4f4a9f59fac732d286afcab30b6c58ee90627615cbd59ec661fa3eb8ccf1a441afd86d325e09125ea46bb
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy