0e9460dc21cc02250f20a7574f263f677fa9d23d887ed433247d750d329eecbf | Triage

Sharing

General

Target

0e9460dc21cc02250f20a7574f263f677fa9d23d887ed433247d750d329eecbf
Size

9.8MB
Sample

220516-p959bscef5
MD5

3755f07d9b2c33dd0cb64224dc158fba
SHA1

c1a92ee0155c58ea61f006bb994b261d1eaeac04
SHA256

0e9460dc21cc02250f20a7574f263f677fa9d23d887ed433247d750d329eecbf
SHA512

e527184d20e9f9e837d5b47e1736243609a87cce7d45df1ee9ca57b72347244d624b0718cf19644d92af5c1574db121408b7ee0dea733b8396b8432ff5a64829

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  0e9460dc21cc02250f20a7574f263f677fa9d23d887ed433247d750d329eecbf
- Size
  
  9.8MB
- MD5
  
  3755f07d9b2c33dd0cb64224dc158fba
- SHA1
  
  c1a92ee0155c58ea61f006bb994b261d1eaeac04
- SHA256
  
  0e9460dc21cc02250f20a7574f263f677fa9d23d887ed433247d750d329eecbf
- SHA512
  
  e527184d20e9f9e837d5b47e1736243609a87cce7d45df1ee9ca57b72347244d624b0718cf19644d92af5c1574db121408b7ee0dea733b8396b8432ff5a64829
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2