13088fbd12b0293fb4a2f089dffa34ada9be6df86a581f2482037424595d34eb | Triage

Sharing

General

Target

13088fbd12b0293fb4a2f089dffa34ada9be6df86a581f2482037424595d34eb
Size

8.3MB
Sample

220511-c7jw4agfbr
MD5

43418b6cfe12b97afdc6d75fa3002b5c
SHA1

20fe948a2dd61eecbb824465f34b20c71ea145e3
SHA256

13088fbd12b0293fb4a2f089dffa34ada9be6df86a581f2482037424595d34eb
SHA512

b7d03845df4241a0cb02bcf254251b1ea219b842b0c11e9110323fd9ff2d50b2d90c86841f36c6e185a7963c197835a0eb4ea286d59c2f1b4bf080388303416d

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  13088fbd12b0293fb4a2f089dffa34ada9be6df86a581f2482037424595d34eb
- Size
  
  8.3MB
- MD5
  
  43418b6cfe12b97afdc6d75fa3002b5c
- SHA1
  
  20fe948a2dd61eecbb824465f34b20c71ea145e3
- SHA256
  
  13088fbd12b0293fb4a2f089dffa34ada9be6df86a581f2482037424595d34eb
- SHA512
  
  b7d03845df4241a0cb02bcf254251b1ea219b842b0c11e9110323fd9ff2d50b2d90c86841f36c6e185a7963c197835a0eb4ea286d59c2f1b4bf080388303416d
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2