c299cc09abfb6ae932031148e8726680d8935cba50bf6661bb6ed21fcb1801bb | Triage

Submit
Reports

Overview

overview

8

Static

static

3

c299cc09ab...bb.exe

windows7_x64

8

c299cc09ab...bb.exe

windows10-2004_x64

8

Sharing

General

Target

c299cc09abfb6ae932031148e8726680d8935cba50bf6661bb6ed21fcb1801bb
Size

5.2MB
Sample

220516-cj3djahhc9
MD5

1602e66dbf6c6d9d42fff718a0bdc84e
SHA1

4fff705808153dd10f5a4d0622f5356634c72084
SHA256

c299cc09abfb6ae932031148e8726680d8935cba50bf6661bb6ed21fcb1801bb
SHA512

fff54e662ae1f753070781d0330d41276eafda1b25b3bd2bd478656fb28561c534b3a73723a2273917e3f4df9307dc9b35ae107966369cf8705ac4220c6a74a0

Score

8^/10

persistence pyinstaller spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

c299cc09abfb6ae932031148e8726680d8935cba50bf6661bb6ed21fcb1801bb.exe

Resource

win7-20220414-en

persistence spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c299cc09abfb6ae932031148e8726680d8935cba50bf6661bb6ed21fcb1801bb.exe

Resource

win10v2004-20220414-en

persistence spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  c299cc09abfb6ae932031148e8726680d8935cba50bf6661bb6ed21fcb1801bb
- Size
  
  5.2MB
- MD5
  
  1602e66dbf6c6d9d42fff718a0bdc84e
- SHA1
  
  4fff705808153dd10f5a4d0622f5356634c72084
- SHA256
  
  c299cc09abfb6ae932031148e8726680d8935cba50bf6661bb6ed21fcb1801bb
- SHA512
  
  fff54e662ae1f753070781d0330d41276eafda1b25b3bd2bd478656fb28561c534b3a73723a2273917e3f4df9307dc9b35ae107966369cf8705ac4220c6a74a0
Score

8^/10

persistence spyware stealer
- Drops file in Drivers directory
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer

© 2018-2024

Terms | Privacy