7cee12e92c446c1ac995c521cb98bbc937c893563fae00beeb3d8933cfd3e071 | Triage

Sharing

General

Target

7cee12e92c446c1ac995c521cb98bbc937c893563fae00beeb3d8933cfd3e071
Size

6.2MB
Sample

220512-n7zhbsdfh8
MD5

ac44449d30a56d2fdcc084b9f5a84d81
SHA1

dab9242cc3759f530622e12a05bd5f8e79b77efa
SHA256

7cee12e92c446c1ac995c521cb98bbc937c893563fae00beeb3d8933cfd3e071
SHA512

125105d8ac9f35a58e15db22851013da7a0bba7503e88af98199fadacdd67cf216aeb31aa6416e90b08cb64d6af26031921904fb8d302f297c91699339d951ac

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  7cee12e92c446c1ac995c521cb98bbc937c893563fae00beeb3d8933cfd3e071
- Size
  
  6.2MB
- MD5
  
  ac44449d30a56d2fdcc084b9f5a84d81
- SHA1
  
  dab9242cc3759f530622e12a05bd5f8e79b77efa
- SHA256
  
  7cee12e92c446c1ac995c521cb98bbc937c893563fae00beeb3d8933cfd3e071
- SHA512
  
  125105d8ac9f35a58e15db22851013da7a0bba7503e88af98199fadacdd67cf216aeb31aa6416e90b08cb64d6af26031921904fb8d302f297c91699339d951ac
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2