1aab932b595f9e3d750577e005ae02e77719692c81dd40185dc8854445a034ea | Triage

Sharing

General

Target

1aab932b595f9e3d750577e005ae02e77719692c81dd40185dc8854445a034ea
Size

10.6MB
Sample

220512-n8v7asgeap
MD5

6e1f5d02cc44f4af5d59a4071b538b4c
SHA1

10892bfb5920b819448479a2c32807ce5114845b
SHA256

1aab932b595f9e3d750577e005ae02e77719692c81dd40185dc8854445a034ea
SHA512

683fafe3d26d663055a0c83234453aa4cf07ce95f5d51fe598769a69b9b2844b8b53ad4931085fb197112fa03c8f36181919c6be6fd88fe57b2a871b936cdfa1

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  1aab932b595f9e3d750577e005ae02e77719692c81dd40185dc8854445a034ea
- Size
  
  10.6MB
- MD5
  
  6e1f5d02cc44f4af5d59a4071b538b4c
- SHA1
  
  10892bfb5920b819448479a2c32807ce5114845b
- SHA256
  
  1aab932b595f9e3d750577e005ae02e77719692c81dd40185dc8854445a034ea
- SHA512
  
  683fafe3d26d663055a0c83234453aa4cf07ce95f5d51fe598769a69b9b2844b8b53ad4931085fb197112fa03c8f36181919c6be6fd88fe57b2a871b936cdfa1
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2