Overview

overview

7

Static

static

3

fc500a0b2c...4b.exe

windows7_x64

7

fc500a0b2c...4b.exe

windows10-2004_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fc500a0b2c48f478c7603b8cfbc7c35036c9682b2c12eb335243b6911183f84b

  • Size

    10.6MB

  • Sample

    220511-c6jjyadhd5

  • MD5

    eba3fb542859c2567f690dd90eff6d48

  • SHA1

    fab48e2741b32ebb721872e5641a26ded837c0e2

  • SHA256

    fc500a0b2c48f478c7603b8cfbc7c35036c9682b2c12eb335243b6911183f84b

  • SHA512

    436944e84d51c9eea27dff9282c0bd6db89c976b1709bd2e974a9e9db4d679d31edb0d5bd7c2d9c20b3087756037595b2d952c573cb1deb5190eeb6b85a59190

Score
7/10
pyinstallerspywarestealer

Malware Config

Targets

    • Target

      fc500a0b2c48f478c7603b8cfbc7c35036c9682b2c12eb335243b6911183f84b

    • Size

      10.6MB

    • MD5

      eba3fb542859c2567f690dd90eff6d48

    • SHA1

      fab48e2741b32ebb721872e5641a26ded837c0e2

    • SHA256

      fc500a0b2c48f478c7603b8cfbc7c35036c9682b2c12eb335243b6911183f84b

    • SHA512

      436944e84d51c9eea27dff9282c0bd6db89c976b1709bd2e974a9e9db4d679d31edb0d5bd7c2d9c20b3087756037595b2d952c573cb1deb5190eeb6b85a59190

    Score
    7/10
    spywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks