736608723798340c754bc5f1c34e5d149b33da410767df037638e14f28ee6bdd | Triage

Sharing

General

Target

736608723798340c754bc5f1c34e5d149b33da410767df037638e14f28ee6bdd
Size

9.3MB
Sample

220512-n85ezagebp
MD5

19c1ba964bc4673dd86568e9f02f27a1
SHA1

38848caf6ba391dd27a05f67b66a90413d4a0de5
SHA256

736608723798340c754bc5f1c34e5d149b33da410767df037638e14f28ee6bdd
SHA512

df6b3a100520c9a5eafad42d4c1323d436c9a5b2a8a1bb5a77b47dcaacc2efa37854fda2550fcbc1099f85f82b786797bf473bad1d35e3f9e8695ce40cba593c

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  736608723798340c754bc5f1c34e5d149b33da410767df037638e14f28ee6bdd
- Size
  
  9.3MB
- MD5
  
  19c1ba964bc4673dd86568e9f02f27a1
- SHA1
  
  38848caf6ba391dd27a05f67b66a90413d4a0de5
- SHA256
  
  736608723798340c754bc5f1c34e5d149b33da410767df037638e14f28ee6bdd
- SHA512
  
  df6b3a100520c9a5eafad42d4c1323d436c9a5b2a8a1bb5a77b47dcaacc2efa37854fda2550fcbc1099f85f82b786797bf473bad1d35e3f9e8695ce40cba593c
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2